article-prompt-extraction

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted data from blog post files.
      • Ingestion points: Reads Markdown files from the 'content/blog/posts/' directory (Step 2 in prompts/01-extract.md).
      • Boundary markers: No explicit delimiters or instructions are provided to the model to ignore potential instructions embedded within the blog post content.
      • Capability inventory: The skill utilizes 'Read', 'Glob', and 'Edit' tools.
      • Sanitization: There is no evidence of sanitization or filtering of the content read from the blog posts before it is analyzed by the AI.
  • [COMMAND_EXECUTION]: The skill performs file system modifications using the 'Edit' tool to update the 'summary' field in Markdown frontmatter. These operations are restricted to specific file paths and targeted string replacements as defined in the execution logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 30, 2026, 12:19 AM