skills/radimsem/remindb/memoize/Gen Agent Trust Hub

memoize

Pass

Audited by Gen Agent Trust Hub on May 24, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and store arbitrary data via MemoryWrite and MemoryCompile, which creates a significant surface for Indirect Prompt Injection. Malicious instructions embedded in source files or user-provided payloads could be stored in the database and later influence the agent's behavior when retrieved.
  • Ingestion points: Content enters the system through the payload parameter in MemoryWrite and via local file paths in MemoryCompile.
  • Boundary markers: The instructions do not specify or recommend the use of boundary markers (e.g., XML tags or specific delimiters) to isolate stored content from agent instructions during either the write or the subsequent read phase.
  • Capability inventory: The skill provides extensive data manipulation capabilities, including writing (MemoryWrite), mass ingestion (MemoryCompile), deletion (MemoryForget), and database-wide restoration (MemoryRollback).
  • Sanitization: The skill relies on a mechanical Markdown parser without mentioning any sanitization, filtering, or validation of the input content to prevent the inclusion of executable instructions or malicious prompts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 24, 2026, 03:15 PM