The Agent Skills Directory

[PROMPT_INJECTION]: The skill instructions define a persona for the agent to emulate. These instructions are structured and include a method for exiting the role, with no attempts to override safety filters.
[DATA_EXFILTRATION]: No sensitive file access or credential harvesting patterns were observed in the instructions or reference materials.
[REMOTE_CODE_EXECUTION]: The skill contains no code or scripts; it is comprised entirely of markdown text files.
[INDIRECT_PROMPT_INJECTION]: The skill uses search tools to collect business data (ingestion points in SKILL.md). It lacks specific boundary markers for this data, but the skill's restricted capability inventory (no shell or file-system access) prevents significant exploitation of this surface.

inamori-perspective