The Agent Skills Directory

[SAFE]: The skill performs legitimate file system operations to read notes and write summaries. Analysis of the instructions and documentation shows no evidence of prompt injection, data exfiltration, or malicious behavior.
[DATA_EXPOSURE]: The skill reads user-provided directories. This is its primary intended function (summarizing local notes), and it lacks network capabilities to exfiltrate data.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user data from local files.
Ingestion points: Reads .md and .txt files from a user-specified directory (SKILL.md Step 3).
Boundary markers: None specified in the prompt instructions to isolate embedded instructions.
Capability inventory: File read/write and chat output capabilities.
Sanitization: No explicit sanitization of file content before summarization.
Context: Given the limited capabilities and intended use-case, this represents a low-risk surface common to data-processing skills.

morning-standup-brief-generator