skills/kiluazen/kstack/email/Gen Agent Trust Hub

email

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Orchestrates email operations using the autark CLI, which relies on a local configuration file (~/.autark/credentials.json) for authentication. This includes a generic request command allowing arbitrary POST/GET operations to the service's API.
  • [DATA_EXFILTRATION]: The core capability of sending emails establishes a potential channel for data transmission to external domains.
  • [PROMPT_INJECTION]: A static analysis alert for 'policy bypass' was evaluated and determined to be a false positive; the instruction to 'override' refers to the stylistic feedback from an email linting tool rather than the agent's core safety constraints.
  • [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface detected:
      1. Ingestion points: Reads incoming messages and thread details via autark mail message and autark mail thread (SKILL.md).
      2. Boundary markers: The instructions do not prescribe the use of delimiters or 'ignore embedded instructions' prompts when handling email bodies.
      3. Capability inventory: The agent is equipped to send emails and perform arbitrary API requests through the autark mail CLI.
      4. Sanitization: No procedures are mentioned for escaping or validating untrusted content received via the email inbox.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Jun 13, 2026, 01:31 PM