pikastream-video-meeting

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from workspace files (such as MEMORY.md and daily logs) and synthesizes it into a system prompt for the meeting agent. This constitutes a surface for indirect prompt injection, as malicious instructions within those files could potentially influence the bot's behavior during a call.
      • Ingestion points: Identified in SKILL.md under Step 1 (Validate & gather context).
      • Boundary markers: Absent; the instructions do not implement specific delimiters or 'ignore' directives for the synthesized data.
      • Capability inventory: The script scripts/pikastreaming_videomeeting.py possesses network communication and filesystem access capabilities.
      • Sanitization: No evidence of content escaping or validation is present before the data is interpolated into the final prompt card.
  • [DATA_EXFILTRATION]: The skill transmits workspace summaries, avatar images, and audio recordings to Pika Labs' API endpoints (pika.art). While this is the intended mechanism for the service to function, it involves the transmission of local user data to external servers.
  • [COMMAND_EXECUTION]: The script utilizes subprocess.run to call the ffmpeg binary for audio conversion. The implementation uses an argument list rather than a raw shell string, which effectively mitigates common shell injection risks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 12, 2026, 12:34 AM