thought-leadership-writing

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform searches across local directories using the grep command. Evidence: Use Grep across /Users/Jonny/My Drive (jonny@humventures.com.au)/ by keyword or phrase in SKILL.md.
  • [DATA_EXFILTRATION]: The skill accesses personal and business files in a specific user's Google Drive directory, which may contain sensitive information. Evidence: Explicit reference to path /Users/Jonny/My Drive (jonny@humventures.com.au)/ in SKILL.md.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external files without implementing boundary markers or sanitization.
    1. Ingestion points: Content gathered from local files, notes, and memos (SKILL.md).
    2. Boundary markers: Absent. No instructions are provided to separate ingested data from the agent's instructions or to treat the content as untrusted.
    3. Capability inventory: The agent has the ability to read files and generate content based on the gathered information.
    4. Sanitization: Absent. No validation or filtering of the retrieved text is performed before it is analyzed and drafted.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 12:55 PM