The Agent Skills Directory

[PROMPT_INJECTION]: The skill facilitates an Indirect Prompt Injection surface. It instructs agents to retrieve task metadata and comments using the hive hc tool and incorporate that content into their session context. Malicious content within these fields could override agent instructions.
Ingestion points: SKILL.md describes commands like hive hc context, hive hc show, and hive hc list which fetch data from an external coordination system.
Boundary markers: The instructions lack guidance on using delimiters or wrappers to isolate retrieved coordination data from the agent's core instructions.
Capability inventory: The agent has the ability to execute shell commands (specifically hive hc) based on its understanding of the task state, which could be manipulated by injected instructions.
Sanitization: There is no evidence of sanitization, filtering, or validation performed on the messages or descriptions retrieved from the coordination system.

hc