competitive-war-room

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes content from the public web via WebSearch and WebFetch.
    * Ingestion points: Results from competitor websites, review platforms (G2, Capterra), and social media (Reddit) in Phase 2.
    * Boundary markers: The prompt for the market-researcher agents does not include delimiters or instructions to treat external data as untrusted.
    * Capability inventory: The skill can spawn sub-agents, read/write local context files in .claude/product-context/, and perform web searches.
    * Sanitization: External content is synthesized without validation or escaping, which could allow an attacker to place malicious instructions on a website to influence the agent's final report.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 04:06 AM