
octocode-news

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data from RSS feeds and canonical web pages during its research phase. While the instructions define a clear workflow for data extraction and normalization, the lack of explicit boundary markers or 'ignore embedded instructions' warnings for the external content creates a surface for indirect prompt injection. This is a common characteristic of research-oriented skills.
  • Ingestion points: scripts/fetch-rss.mjs (RSS XML), SKILL.md workflow (browsing canonical URLs).
  • Boundary markers: Absent in prompt interpolation of external news content.
  • Capability inventory: System command execution (execFile for browser opening) and local file writing in src/build-report.ts.
  • Sanitization: The safeJsonEmbed function in src/build-report.ts escapes < characters as \u003c to mitigate script injection risks in the final HTML report.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from a large catalog of technology news sources, official vendor blogs, and research repositories listed in references/sources.md. These domains (e.g., openai.com, blog.google, vercel.com, cloudflare.com) are well-known technology entities and are considered safe sources for the intended news-gathering purpose.
  • [COMMAND_EXECUTION]: The skill utilizes local Node.js scripts to perform data processing. The src/build-report.ts script uses execFile to launch the default system browser to view the generated report. This execution is limited to opening the local HTML file created by the skill.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 18, 2026, 04:44 AM
Security Audit — agent-trust-hub — octocode-news