graph-memory-bank

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill utilizes instructional language to define operational standards and language preferences (e.g., 'Prefer Russian'). These are standard formatting instructions and do not attempt to bypass safety filters or extract system prompts.
  • [DATA_EXPOSURE]: The skill includes explicit security guidance directing agents to never store secrets or credentials in documentation, which is a positive safety feature that reduces the risk of credential leakage.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process repository data (source code, logs, and markdown), which creates a surface for indirect prompt injection. However, this is inherent to its primary purpose as a documentation tool and is handled safely.
      1. Ingestion points: The skill reads local markdown files and repository metadata through the provided linter script and agent prompts.
      2. Boundary markers: No explicit delimiters are used to separate ingested data from instructions in the prompts.
      3. Capability inventory: The skill utilizes file-read and file-write operations. The included Python script performs static analysis and does not execute file content.
      4. Sanitization: Metadata extraction is performed using regex patterns and avoids unsafe deserialization or dynamic code evaluation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 03:35 PM