The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes data from the system.accounts and events tables, creating a surface for indirect prompt injection where malicious content in database fields could influence the agent's behavior. \n- Ingestion points: The skill retrieves account names and properties (e.g., csm, account_executive) via SQL queries in SKILL.md. \n- Boundary markers: The skill does not define specific delimiters or isolation techniques to separate untrusted data retrieved from the database in SKILL.md. \n- Capability inventory: The skill has access to tools for executing SQL, writing to persistent memory (signals-scout-scratchpad-remember), and emitting signals to users (signals-scout-emit-signal) in SKILL.md. \n- Sanitization: No sanitization or validation of database content is performed before the data is used in analysis or included in signals in SKILL.md.

signals-scout-customer-analytics