historical-source-adapter

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection (Category 8) by interpolating raw user input into the agent's instructions.
      • Ingestion points: User-provided text enters the context through the original_source, student_level, and target_skills placeholders in SKILL.md.
      • Boundary markers: There are no structural delimiters or unique markers surrounding the user-provided placeholders to isolate them from the agent's core logic.
      • Capability inventory: The skill's capabilities are restricted to text generation and formatting; it does not request or use tools for filesystem access, network connectivity, or shell execution.
      • Sanitization: The input is not sanitized or validated for instruction-like patterns before being processed by the model.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 03:33 PM