The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to ingest and process data from external, untrusted sources.
Ingestion points: External market data and industry reports are brought into the agent's context through the WebSearch tool mentioned in SKILL.md (Step 4).
Boundary markers: The instructions lack specific delimiters or system-level directives to ignore potential instructions embedded within the external market research content.
Capability inventory: The skill possesses the ability to create and modify local files using the Write tool (Step 9), which could be misused if the agent obeys instructions found in external data.
Sanitization: There are no documented procedures for sanitizing, validating, or filtering the content retrieved from the web before it is incorporated into the final report or used to trigger further actions.

startup-business-analyst-market-opportunity