The Agent Skills Directory

[PROMPT_INJECTION]: The skill analyzes external codebases to generate documentation, which creates a potential surface for indirect prompt injection. 1. Ingestion points: The agent reads project files using tools like Read, Glob, and Grep as specified in the SKILL.md execution flow. 2. Boundary markers: While the skill includes a verification checklist and instructions to base content on real files, it lacks specific delimiters or instructions to ignore embedded malicious prompts within the code comments or documentation it reads. 3. Capability inventory: The skill utilizes the Read, Write, Edit, Glob, Grep, and Bash tools. 4. Sanitization: The instructions do not define explicit sanitization or validation steps for the content ingested from the codebase before it is processed.
[SAFE]: The skill contains no evidence of malicious patterns such as remote code execution, persistence mechanisms, or credential theft. It incorporates defensive instructions in its workflow and verification checklist specifically designed to prevent the accidental inclusion of secrets or sensitive data in generated documents.

document-writer