israeli-cybersecurity-ops
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest and process data from external security platforms (Wiz, Snyk, SentinelOne, Check Point). In the absence of strict boundary markers, this creates a potential surface for indirect prompt injection.
  - Ingestion points: Alerts and findings retrieved via MCP or API from security tools as described in SKILL.md.
  - Boundary markers: Absent; the instructions do not specify delimiters or warnings for the agent to disregard instructions within tool outputs.
  - Capability inventory: The agent is authorized to prioritize vulnerabilities, recommend containment steps, and update tracking systems (e.g., Monday.com).
  - Sanitization: Absent; no validation or escaping of external content is defined in the skill logic.
Audit Metadata