The Agent Skills Directory

[PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is susceptible to indirect prompt injection because it ingests untrusted data and has exploitable capabilities. Ingestion points: The skill is configured to read from user-provided job descriptions, interview guides, and onboarding documents, and it utilizes the WebSearch tool for external data gathering. Boundary markers: There are no delimiters or instructions provided to the agent to treat processed data as untrusted or to ignore embedded instructions. Capability inventory: The skill possesses Read, Write, Edit, Task, and WebSearch capabilities, which could be misused if a malicious instruction is followed. Sanitization: The documentation does not specify any sanitization, validation, or filtering of external content before processing.

faion-hr-recruiter