general-agentic-memory

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill manages sensitive credentials such as GAM_API_KEY and GAM_CHAT_API_KEY through environment variables, which is a recommended security practice.
  • [SAFE]: Installation is performed via pip from the local directory (pip install -e .), avoiding unverifiable remote script execution.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (PDFs, videos, trajectories) to build its memory system, creating a surface for indirect prompt injection (Category 8).
    - Ingestion points: Content is ingested via the wf.add() method, as seen in SKILL.md.
    - Boundary markers: None identified in the provided examples to delimit untrusted content.
    - Capability inventory: The skill performs file system reads and makes network requests to external LLM APIs (OpenAI, local vLLM).
    - Sanitization: No explicit sanitization or filtering of input content is demonstrated in the implementation examples.
    - Note: This surface is inherent to the primary purpose of a RAG/memory system and does not indicate malicious intent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 03:17 AM