niar-web-presentation

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to aggregate and synthesize information from multiple external documents as outlined in multi-document-workflow.md. This ingestion process presents a potential surface for indirect prompt injection if input documents contain malicious instructions intended to manipulate the agent's summary or the generated presentation content.
    • Ingestion points: Multi-file workflows and project directory reading.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are mandated for the ingestion phase.
    • Capability inventory: The skill can write files to the local file system and generate HTML files containing JavaScript.
    • Sanitization: The scaffold-niar-web-presentation.py script uses proper HTML escaping and JSON serialization to sanitize inputs during the generation of the index.html template.
  • [DYNAMIC_EXECUTION]: The Python scaffolding script programmatically generates an index.html file that includes a script block for presentation logic. This is a functional requirement of the skill and uses a static, well-defined template for code generation.
  • [DATA_EXPOSURE]: Documentation and examples in READEM.md and usage-examples.md reference absolute file paths on a local drive (e.g., D:\antigravity\...). These appear to be illustrative examples for the intended user environment and do not involve unauthorized access to sensitive system directories.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 02:05 PM
Security Audit — agent-trust-hub — niar-web-presentation