synthesize-feedback

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external customer feedback, which is a potential attack surface for indirect prompt injection.
    • Ingestion points: Feedback data is ingested from $ARGUMENTS or user-provided files in the "Gather feedback data" step (SKILL.md).
    • Boundary markers: The workflow does not define explicit delimiters or instructions to ignore embedded commands within the raw feedback data.
    • Capability inventory: The agent uses the Read, Glob, Grep, and Write tools to interact with the .chalk/docs/product/ directory (SKILL.md).
    • Sanitization: No specific sanitization or escaping of feedback content is mentioned before the synthesis is written to the filesystem.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 08:10 AM