pp-clarity

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install its required binaries and MCP servers from the author's official GitHub and NPM repositories. Specifically, it uses npx to run a package from @mvanhorn/printing-press and go install for modules located under github.com/mvanhorn/printing-press-library/.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data and possesses exploitable capabilities.
      • Ingestion points: The audit html command (defined in SKILL.md) reads and analyzes the content of local HTML files.
      • Boundary markers: None; the instructions do not require the use of delimiters or specific security headers when the agent processes the external file content.
      • Capability inventory: The skill includes network transmission capabilities via the --deliver webhook:<url> flag and command execution via the clarity-pp-cli binary.
      • Sanitization: There is no mention of sanitization, validation, or filtering of the ingested HTML content before it is processed or reported by the agent.
  • [DATA_EXFILTRATION]: The clarity-pp-cli tool includes a documented --deliver webhook:<url> feature. This functionality allows the agent to POST command output directly to a remote URL, which could be used to transmit sensitive audit results or session data to external endpoints.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 05:52 PM