The Agent Skills Directory

[SAFE]: The skill is composed solely of instructional prompts and does not contain any executable scripts, binaries, or hardcoded credentials.\n- [PROMPT_INJECTION]: The skill instructions define a process for ingesting external documents and web content, creating a surface for potential indirect prompt injection attacks. 1. Ingestion points: Processes user-provided planning documents and results from web searches (SKILL.md). 2. Boundary markers: Absent; there are no specific instructions or delimiters to isolate processed data from the agent's core logic. 3. Capability inventory: The skill utilizes the agent's web_search and web_fetch tools to interact with external sources. 4. Sanitization: No input validation or filtering of external content is implemented in the protocol instructions.

adversarial-review