The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes content from user-provided images, which creates an inherent surface for indirect prompt injection if an image contains malicious text intended to influence the agent's behavior. However, the risk is negligible given the skill's restricted output capabilities.
Ingestion points: The image file path provided as a positional argument in SKILL.md.
Boundary markers: No explicit delimiters are used during the vision analysis phase, though the agent is guided by a systematic analysis framework.
Capability inventory: The skill is restricted to file system operations (creating directories and writing JSON artifacts) and basic file utilities.
Sanitization: Input verification is performed using the file utility to ensure the target path is a valid image before processing.

ingest-screenshot