signals-scout-health-checks

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from health issue payloads (titles, summaries, and payload fields), which could contain malicious text from external sources.
      • Ingestion points: Data enters through the health-issues-get tool output, as described in SKILL.md.
      • Boundary markers: The skill explicitly instructs the agent to wrap cited names or errors in quotes as untrusted snippets, to distinguish them from instructions.
      • Capability inventory: The skill can execute HogQL via execute-sql, write to an inbox using signals-scout-emit-signal, and modify durable memory via scratchpad-remember.
      • Sanitization: The instructions include a dedicated 'Untrusted data' section that mandates treating payload fields strictly as data, forbids their use as instructions, and restricts scratchpad keys to stable identifiers only.
  • [COMMAND_EXECUTION]: The skill utilizes the execute-sql tool to perform HogQL queries. These operations are restricted to the PostHog analytical environment and are used legitimately to verify the impact and traffic share of health issues before they are reported.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 15, 2026, 10:58 AM