skills/cshen/skills/dida365/Gen Agent Trust Hub

dida365

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from task data retrieved via the Dida365 API.
    - Ingestion points: Task titles and notes are ingested into the agent context via the cmd_tasks function in tt.py.
    - Boundary markers: The SKILL.md file lacks boundary markers or instructions for the agent to isolate external task content from primary instructions.
    - Capability inventory: The agent can create, list, update, and delete tasks based on its interpretation of the retrieved content.
    - Sanitization: Content fetched from the API is displayed to the agent without filtering or validation for natural language instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 05:40 PM