The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted markdown and HTML content from external competitor websites via the nimble extract command. This content is analyzed by the agent and sub-agents without explicit sanitization or boundary markers.
Ingestion points: Scraped content from competitors' homepages, features pages, and blog posts (Step 4, 5 in SKILL.md and Phase 1-3 in references/positioning-agent-prompt.md).
Boundary markers: The skill does not use specific delimiters or instructions to protect the agent from embedded malicious instructions in the scraped data.
Capability inventory: The agent has permissions to execute Bash commands (via the Nimble CLI), write to local memory files, and spawn sub-agents.
Sanitization: No validation or filtering is performed on the extracted content.
[COMMAND_EXECUTION]: The skill uses the Bash tool to execute several commands, including the Nimble CLI for site mapping and extraction, as well as system utilities like date, mkdir, and cat for managing its local memory structure.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of the @nimbleway/cli package from npm and fetches data from external competitor URLs to perform its analysis.

competitor-positioning