The Agent Skills Directory

Indirect Prompt Injection Awareness: The skill is designed to ingest and process data from Slack (e.g., messages and threads), which constitutes an external data source. This introduces a surface where the agent might encounter untrusted content. To manage this, the skill provides specific instructions to ground replies in the provided context and avoid inventing facts.
Ingestion points: Data is ingested via slack_read_thread, slack_read_channel, and slack_search_public_and_private (SKILL.md).
Boundary markers: The instructions emphasize that the AI should only draft responses based on "available context" and specifically warn against inventing facts or approvals (SKILL.md).
Capability inventory: The skill has the capability to search users/channels and create message drafts using slack_send_message_draft (SKILL.md).
Sanitization: The workflow relies on the underlying model's grounding and explicit instructions to ensure the drafted content is appropriate and accurate (SKILL.md).
Data Handling: The skill accesses Slack message content and user profiles to perform its task. This access is inherent to the functionality of a reply-drafting tool and is restricted to the tools provided within the Slack integration environment.

slack-reply-drafting