vercel-ai-sdk

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install official packages from Vercel (ai, @ai-sdk/openai, @ai-sdk/anthropic, @ai-sdk/google) via the standard npm registry. These are well-known libraries from a trusted service provider.
  • [CREDENTIALS_UNSAFE]: The documentation includes example environment variable configurations using a placeholder (sk-...). It explicitly includes a 'Common Mistakes' section advising developers to keep API keys server-side only and avoid exposing them to the client, which is a security best practice.
  • [INDIRECT_PROMPT_INJECTION]: The skill demonstrates patterns for Retrieval-Augmented Generation (RAG) and chat interfaces, which are susceptible to indirect prompt injection.
    • Ingestion points: Untrusted data enters the agent context via the relevantDocs array in the RAG example, the messages array in the API route, and the text parameter in Server Actions.
    • Boundary markers: The provided code snippets do not implement explicit delimiters (e.g., XML tags or triple quotes) or 'ignore embedded instructions' warnings for external content.
    • Capability inventory: While the snippets themselves do not perform dangerous operations, the tool definition structure provides a template for executing arbitrary logic (the execute function) based on model-generated parameters.
    • Sanitization: No input sanitization or validation of the retrieved context or user messages is shown in the basic examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 29, 2026, 07:53 AM
Security Audit — agent-trust-hub — vercel-ai-sdk