anth-core-workflow-a

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill provides an architectural template for an agent loop, which inherently includes an indirect prompt injection surface.
    * Ingestion points: The run_agent function accepts user_message, and tool outputs from execute_tool are passed back to the model (SKILL.md).
    * Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the code samples.
    * Capability inventory: The skill is configured with powerful tools including Bash, Write, Edit, Read, and Grep via the allowed-tools metadata.
    * Sanitization: The provided boilerplate code does not include sanitization, validation, or escaping of tool outputs before they are processed by the LLM.
  • [SAFE]: The instructions use the official anthropic Python package for API interaction.
  • [SAFE]: All external references point to official Anthropic documentation domains.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 10:59 PM
Security Audit — agent-trust-hub — anth-core-workflow-a