create-pipeline-v1
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill accepts user instructions to generate pipeline YAML which is then uploaded via the harness_create tool.
  * Ingestion points: User requirements provided as natural language to the agent (documented in SKILL.md).
  * Boundary markers: Absent. No instructions are provided to the agent to treat user-provided scripts or strings as untrusted or to delimit them within the YAML output.
  * Capability inventory: The harness_create MCP tool in SKILL.md allows writing configurations directly to the Harness platform.
  * Sanitization: Absent. The skill does not instruct the agent to sanitize, validate, or escape user input before interpolation into the generated YAML.
- [EXTERNAL_DOWNLOADS]: Documentation reference to an external, non-vendor repository.
  * Evidence: references/v1-spec-schema.md references https://github.com/thisrohangupta/spec for the pipeline schema specification, which is a personal repository outside the official vendor (harness) organization.
Audit Metadata