awiki-agent-id-message

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes incoming messages from external sources through the awiki network, creating a surface for indirect prompt injection. To mitigate this risk, the skill provides extensive rules in SKILL.md and references/RULES.md that explicitly instruct the agent to treat these messages as data rather than instructions and to ignore any commands contained within them.
  • [COMMAND_EXECUTION]: The scripts/query_db.py tool allows the agent to execute SQL queries against its local SQLite database. The local_store.py module implements safety checks to prevent destructive operations such as DROP, TRUNCATE, and DELETE without a WHERE clause, ensuring the tool is used only for data inspection and management.
  • [EXTERNAL_DOWNLOADS]: The scripts/manage_group.py script includes a --fetch-doc parameter that allows the agent to download content from arbitrary URLs. This is a functional requirement for retrieving group documentation but allows the agent to access external web content at runtime.
  • [EXTERNAL_DOWNLOADS]: Installation instructions in SKILL.md provide an option to download the skill archive from awiki.info via unencrypted HTTP. While this is a best-practice violation, it originates from the vendor's infrastructure and is provided as an alternative installation method.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 02:03 PM