The Agent Skills Directory

[PROMPT_INJECTION]: Self-referential Indirect Prompt Injection.
Evidence: The file skill-report.json contains a security_audit section with a pre-set risk_level: "safe" and a summary asserting that 'All 95 static findings are FALSE POSITIVES'. This content is specifically designed to influence the behavior of security scanners and human reviewers into disregarding actual analysis results.
[PROMPT_INJECTION]: Indirect Prompt Injection Surface.
Ingestion points: SKILL.md (Section 3.1) instructs the agent to monitor competitor websites, review sites, and sales call recordings.
Boundary markers: None. No instructions are provided to the agent to treat this external, untrusted content as potentially malicious or to ignore embedded commands.
Capability inventory: The skill is documentation-based; no executable scripts were provided for analysis, though it mentions the existence of a competitor_tracker.py script.
Sanitization: Absent. There are no guidelines for validating or escaping content retrieved from external intelligence sources.

marketing-strategy-pmm