The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the ingestion of untrusted curriculum data.
Ingestion points: Data is pulled from the existing_curriculum_documents, competency_framework, and prior_knowledge_baseline fields in SKILL.md.
Boundary markers: The system prompt does not use delimiters or explicit instructions to isolate user-provided content from the agent's instructions.
Capability inventory: The skill has no high-risk capabilities; it is limited to text generation and has no access to the shell, network, or external file system.
Sanitization: No validation or sanitization is applied to the curriculum inputs before they are included in the prompt context.

curriculum-knowledge-architecture-designer