The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external data from Jira tickets and user-provided topics. (1) Ingestion points: External Jira ticket summaries and user topic descriptions are used to name folders and populate notes (SKILL.md). (2) Boundary markers: No delimiters or warnings are used when interpolating this untrusted data into the note templates. (3) Capability inventory: The skill can create directories and files via the Bash and Write tools (SKILL.md). (4) Sanitization: No sanitization or validation of the input data is performed before use.
[COMMAND_EXECUTION]: The skill manages environment variables by instructing users to modify their shell profiles and uses shell commands for file system management. (1) Evidence: Instructions to the user to manually add export statements to shell profile files like ~/.zshrc to configure the vault path. (2) Evidence: Usage of shell commands such as ls and mkdir via the Bash tool to organize directories within the vault path.

obsidian-vault