email-response-simulation

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Potential for indirect prompt injection via untrusted external data ingestion.
    - Ingestion points: Ingests untrusted 'Draft email text' and research data (LinkedIn About sections, career history, and public statements) in Phase 1 and the Reference file.
    - Boundary markers: The skill instructions do not utilize specific delimiters or instructions to ignore potential commands embedded within the prospect data or email drafts.
    - Capability inventory: The skill is limited to text analysis and email generation; it does not possess capabilities for system command execution or unauthorized file modifications.
    - Sanitization: No explicit validation or filtering of the ingested external content is defined before the content is used for persona simulation and email rewriting.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 02:42 PM