The Agent Skills Directory

[PROMPT_INJECTION]: The skill incorporates external user input into its internal prompt using variables such as {{wellbeing_intervention}} and {{school_context}}. This constitutes a surface for indirect prompt injection.
Ingestion points: Untrusted data enters the context via the wellbeing_intervention, school_context, target_outcomes, current_data, stakeholder_audience, and time_and_resources fields in SKILL.md.
Boundary markers: Absent. The inputs are placed directly after markdown headers without specific delimiters to prevent the model from interpreting user-supplied text as instructions.
Capability inventory: None. The skill does not define any allowed-tools in its frontmatter, nor does it attempt to perform subprocess calls, file writes, or network operations in its prompt.
Sanitization: Absent. There is no evidence of input validation or escaping before interpolation into the prompt.
Context: Because the skill lacks the ability to interact with the system or external services, the impact of a potential injection is restricted to the generated text output and does not pose a technical security risk to the environment.
[SAFE]: No evidence of hardcoded credentials, malicious network activity, obfuscated code, or persistence mechanisms was found. The skill uses standard markdown and YAML structure and references reputable academic sources.

wellbeing-learning-connection-mapper