The Agent Skills Directory

Prompt Injection (LOW): The skill documentation describes a workflow (Category 8: Indirect Prompt Injection) where archive matches are aggregated and sent to an AI model for synthesis. This pattern is vulnerable to malicious instructions embedded in the archived data.
Ingestion points: references/ai-integration.md (autonomous_search function).
Boundary markers: The provided pseudo-code does not demonstrate the use of delimiters or 'ignore' instructions for the AI.
Capability inventory: Use of subprocess.run to execute ripgrep and git across multiple files.
Sanitization: No sanitization of ingested file content is described before it is provided as context to the LLM.

archive-searcher