The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its requirement to ingest and process data from external, potentially untrusted sources.\n- Ingestion points: The agent is instructed to monitor and analyze content from support tickets, user feedback platforms (e.g., Typeform, SurveyMonkey), and CRM integrations (Salesforce, HubSpot).\n- Boundary markers: The instructions do not define delimiters or specific protocols to isolate external data from the agent's core instructions.\n- Capability inventory: The skill has access to sensitive tools including Bash, Write, MultiEdit, and WebFetch, which could be exploited if malicious instructions are successfully injected via analyzed data.\n- Sanitization: There are no specifications for sanitizing or validating the data inputs before they are interpreted or acted upon by the agent.

customer-success-manager