The Agent Skills Directory

[PROMPT_INJECTION]: Aggressive persona-based manipulation. The system prompt in SKILL.md uses high-pressure narrative constraints, including artificial scarcity ('Original logs only kept for 15 minutes'), competitive pressure ('DeepSeek... preparing to make you a negative example'), and status-based penalties ('demoted to log porter') to force adherence to the specified persona.
[PROMPT_INJECTION]: Vulnerability to Indirect Prompt Injection. The skill is designed to ingest and process untrusted external data (incident descriptions, system logs) which could contain malicious instructions.
Ingestion points: SKILL.md (via the {{事故描述}} placeholder).
Boundary markers: Absent. There are no delimiters (such as triple quotes or XML tags) or explicit instructions for the model to ignore potential commands embedded within the log content.
Capability inventory: The skill identifies as an analysis tool for logs and incidents, recommending system-level modifications and 'anti-fragile' actions.
Sanitization: Absent. The raw input data is interpolated directly into the core execution prompt without validation.

sillytavern-antifragile