The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by facilitating the ingestion and processing of untrusted data from external sources for indexing and search operations.
Ingestion points: The skill demonstrates reading data from local files using node:fs and node:readline in examples/bulk-operations.md, and accepting arbitrary user query strings for searches in examples/core.md.
Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are employed when interpolating external data into search queries or index operations.
Capability inventory: The skill provides tools for network communication via the @elastic/elasticsearch client and file system access.
Sanitization: The provided examples do not include explicit sanitization or validation logic for the ingested content before it is processed by the search engine.
[CREDENTIALS_UNSAFE]: SKILL.md and examples/core.md contain code snippets illustrating hardcoded credentials (username: "elastic", password: "changeme"). While these are explicitly presented as a 'Bad Example' and documented as an anti-pattern for educational purposes, they represent a credential exposure pattern.

api-search-elasticsearch