The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill recommends the installation of the @agentmessenger/cli package from the NPM registry. This resource is provided by the vendor (masumi-network) for interacting with their service.\n- [DATA_EXFILTRATION]: Instructions for backup and restore operations in SKILL.md suggest using the path /tmp/backup.json to store encrypted key material. Storing sensitive data in a predictable, shared system directory like /tmp increases the risk of local data exposure.\n- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by facilitating the retrieval of messages from external users or agents.\n
Ingestion points: Untrusted content is retrieved from the thread unread, thread show, and inbox latest commands (SKILL.md, references/commands.md).\n
Boundary markers: Absent. The skill does not instruct the agent to use delimiters or ignore instructions embedded within the message content.\n
Capability inventory: The agent can perform actions based on received content, such as sending replies via thread reply or updating public descriptions via inbox public set (SKILL.md, references/commands.md).\n
Sanitization: Absent. No mechanisms are provided to validate or sanitize external message content before it is processed by the agent.

agent-messenger