create-topic-note
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Detected an indirect prompt injection surface where the skill ingests untrusted data from user notes to perform automated file operations.
  - Ingestion points: The skill reads frontmatter and content from user-specified notes and discovered related notes in SKILL.md.
  - Boundary markers: No specific delimiters or safety instructions are defined to separate note content from agent instructions during processing.
  - Capability inventory: The skill creates new markdown files in 03-Records/Topics/ and modifies the related property in the frontmatter of existing notes (SKILL.md).
  - Sanitization: There is no evidence of sanitization or validation of the ingested note content before it is synthesized into summaries or tags.
Audit Metadata