teach
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and summarize information from external resources (books, articles, and online communities) specified in the `RESOURCES.md` file. This data is then used to generate HTML lessons and dashboard content. There is a potential risk that an attacker-controlled resource could contain instructions intended to manipulate the agent's behavior during the generation process.
  - Ingestion points: `RESOURCES.md`, external links, and user-provided learning preferences in `NOTES.md` and `MISSION.md`.
  - Boundary markers: The skill does not explicitly define delimiters or instructions to ignore embedded commands when processing external resource data.
  - Capability inventory: The agent performs file system writes across multiple directories (`/lessons/`, `/reference/`, `/learning-records/`) and is encouraged to execute shell commands to serve or open the generated files.
  - Sanitization: No explicit sanitization or validation logic is defined for the content extracted from external resources.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to include a reference to the Tailwind CSS Play CDN (`https://cdn.jsdelivr.net/npm/@tailwindcss/browser@4`) in generated HTML artifacts. This fetches code from a well-known and established content delivery network for the purpose of styling.
- [COMMAND_EXECUTION]: The instructions suggest the use of local CLI tools to serve the workspace (e.g., `python -m http.server`) or to open the generated lesson files. These actions are transparently described as part of the workflow for reviewing educational content.
Audit Metadata