data-algo-social

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest and process content and engagement signals from external social media platforms (such as Douyin, TikTok, and Xiaohongshu). This data represents untrusted input that could contain adversarial instructions intended to influence agent behavior.
      ◦ Ingestion points: Processes external social content, signals, and user comments as defined in SKILL.md and signal-collection.md.
      ◦ Boundary markers: The skill does not explicitly define delimiters or instructions to ignore embedded commands when processing retrieved social data.
      ◦ Capability inventory: The agent is authorized to implement code patterns and execute visualization scripts based on the processed data.
      ◦ Sanitization: The trust-safety.md reference provides heuristics for filtering toxicity and spam, which mitigates but does not fully eliminate the potential for indirect injection.
  • [COMMAND_EXECUTION]: Local Script Execution. The skill instructs the agent to execute a local visualization script (node render.mjs) as part of its reporting phase. While this is a documented feature of the workflow, it involves the execution of code in the local environment based on processed metrics.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 17, 2026, 01:02 PM