The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external URLs. 1. Ingestion points: The scripts/fetch_page.py script fetches content from user-provided external URLs. 2. Boundary markers: The Phase 2 instructions do not use delimiters or explicit ignore-instructions warnings for the fetched HTML. 3. Capability inventory: The agent can execute local Python scripts and bash commands to interact with the file system and network. 4. Sanitization: There is no sanitization of the external HTML content before it is provided to the agent for analysis.

seo-content