The Agent Skills Directory

[PROMPT_INJECTION]: The skill defines a contract for ingesting untrusted data from external providers like Notion and GitHub into Markdown summaries (Ingestion points: SKILL.md). This establishes a surface for indirect prompt injection. The proposed implementation lacks sanitization or boundary markers for the external content (Sanitization: absent; Boundary markers: absent). While the skill itself contains no executable code (Capability inventory: none), the resulting digests are intended to be consumed by other agents, creating a multi-step chain vulnerability.

daily-digest