The Agent Skills Directory

[PROMPT_INJECTION]: The validate_with_llm function in SKILL.md interpolates untrusted input (original_text) directly into an LLM prompt template. This creates a surface for indirect prompt injection where malicious instructions embedded in the text being parsed could influence the LLM's validation output.
Ingestion points: content parameter in process_document and original_text in validate_with_llm.
Boundary markers: Absent; the user input is concatenated with the prompt instructions.
Capability inventory: Invokes an LLM (claude-haiku-4-5-20251001) via a message client.
Sanitization: No sanitization or escaping is performed on the input text before prompt interpolation.

regex-vs-llm-structured-text