cobalt-io

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the public NPM registry. This tool is a resource provided by the vendor (membranedev) to facilitate communication with the Membrane platform. Additionally, the skill references documentation at cobalt.foo, which uses a non-standard TLD compared to the official cobalt.io domain.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from the Cobalt.io platform, creating a surface for indirect prompt injection.
      • Ingestion points: Data returned from actions executed via membrane action run (e.g., project documents, user records).
      • Boundary markers: None; the instructions do not specify the use of delimiters or clear separation between external data and agent instructions.
      • Capability inventory: The agent can execute CLI commands, create new functional actions dynamically, and manage connections to external services.
      • Sanitization: Not present; the skill does not describe any validation or escaping of the content retrieved from external actions.
  • [COMMAND_EXECUTION]: The skill's operation relies heavily on executing shell commands via the membrane CLI. This includes administrative tasks like login, connect, and action create, which allow the agent to dynamically extend its own capabilities by defining new logic on the Membrane platform based on natural language descriptions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 01:44 AM