linkedin-content-generator

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute local Python scripts (e.g., generate_post.py, memory_manager.py) located within the skill's bundled directory. These scripts are used solely for prompt construction and feedback management.
  • [INDIRECT_PROMPT_INJECTION]: The skill implements a 'reinforcement learning' memory system where user feedback is saved to a local memory.md file and subsequently interpolated into system prompts. This represents a known attack surface for indirect prompt injection, though it is used here as a core feature for personalization.
      ◦ Ingestion points: User-provided feedback strings are passed as arguments to memory_manager.py and stored in scripts/memory.md.
      ◦ Boundary markers: In utils.py, the persistent memory content is wrapped in <MEMORY> tags to help the model distinguish it from static instructions.
      ◦ Capability inventory: The Python scripts are restricted to local file operations (reading/writing memory.md) and standard output; they do not possess network or system-level modification capabilities.
      ◦ Sanitization: Feedback strings are appended to the markdown file verbatim. While this lacks sanitization, the scope of influence is limited to the skill's own prompt generation context.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 13, 2026, 02:18 PM