langchain-rag

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Tags: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection Surface: The skill demonstrates how to ingest data from external sources such as PDF files and web pages (via PyPDFLoader and WebBaseLoader, as shown in SKILL.md). Content retrieved from these sources is interpolated into the LLM prompt using only standard separators such as \n\n. This creates a surface where instructions embedded in external documents could influence agent behavior. Boundary markers around retrieved content and explicit sanitization are recommended for production environments.
  • Unsafe Deserialization Pattern: The FAISS vector store example in SKILL.md passes the allow_dangerous_deserialization=True flag to the load_local operation. This configuration uses Python's pickle module to load the index data from the filesystem. While this is an intended feature for loading local indices, it is a security consideration because unpickling a tampered index file can execute arbitrary code at load time. Users should ensure that index files are only loaded from trusted storage environments.
  • External Data Ingestion: The skill provides templates for fetching content from the web via WebBaseLoader and CheerioWebBaseLoader. While these target vendor-associated documentation domains, they illustrate the capability to pull external content into the agent's context for processing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 07:32 PM
Security Audit — agent-trust-hub — langchain-rag