site-specification
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted user input to derive site specifications.
  - Ingestion points: User descriptions, images, image URLs, and documents are analyzed to infer design parameters.
  - Boundary markers: The skill does not implement delimiters or instructions for the agent to ignore potentially malicious commands embedded in user-supplied content.
  - Capability inventory: The skill generates a JSON specification and a summary table for display. It lacks dangerous capabilities such as direct file writing, command execution, or non-whitelisted network operations.
  - Sanitization: No explicit sanitization or validation of the inferred data is defined.
  - Note: The design includes a manual confirmation step, requiring the user to verify the extracted specifications, which acts as a safeguard.
Audit Metadata