The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes user-supplied data ($ARGUMENTS) for research purposes. While this creates a surface for indirect prompt injection, the risk is mitigated by the skill's restricted scope and built-in guardrails. 1. Ingestion points: User input enters via the $ARGUMENTS variable in SKILL.md. 2. Boundary markers: Absent; the skill relies on instructional logic. 3. Capability inventory: Limited to reading its own template, writing to .claude/output/, and launching subagents. 4. Sanitization: None specified.
[SAFE]: The skill workflow includes strict rules to prevent unauthorized actions, such as 'Never implement' and 'End with discussion', ensuring the user remains in control.
[SAFE]: No obfuscation, hardcoded credentials, or unauthorized remote code execution patterns were detected in the skill's instructions or references.

brainstorm