The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and summarize content from external documentation and repository issues. * Ingestion points: External URLs and GitHub issues referenced by the user in SKILL.md. * Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard malicious directives within the fetched data. * Capability inventory: The agent can delegate tasks to implementation skills and write to issue trackers or PRD bodies (which involves network communication). * Sanitization: The instructions do not include steps to escape or validate the content of external documentation before processing.
[NO_CODE]: The skill consists entirely of instructional prompts and configuration data, containing no executable scripts or binary files, which significantly reduces the attack surface for traditional code-based exploits.

interview