hackernews-intel

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from the Hacker News public API (via Algolia), which creates a potential surface for indirect prompt injection. If an attacker posts a story with a title containing malicious instructions, it could theoretically influence the agent's behavior when it reviews the monitoring results.
      • Ingestion points: The fetchPosts function in scripts/monitor-hn.js retrieves post titles, authors, and URLs from hn.algolia.com.
      • Boundary markers: No delimiters or 'ignore embedded instructions' warnings are used when the external data is displayed or processed.
      • Capability inventory: The skill executes shell commands (via the Node.js monitor script), performs network operations (fetching from Algolia and posting to Slack), and writes to the local file system (SQLite database).
      • Sanitization: The script does not perform sanitization or escaping of the fetched titles and authors before outputting them to the agent's console or sending them to Slack.
  • [COMMAND_EXECUTION]: The skill relies on the execution of a local Node.js script (scripts/monitor-hn.js) to perform its core functionality.
      • Evidence: The SKILL.md file provides direct instructions for the agent to run the monitor script and perform setup checks. It specifically includes hardcoded absolute paths (/Users/ksd/Desktop/Varnan_skills/hackernews-intel/) which are likely specific to the author's environment and will need to be generalized for other users.
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading external dependencies to function.
      • Evidence: The package.json file lists better-sqlite3 as a dependency, and the SKILL.md instructs the agent to run npm install. While better-sqlite3 is a well-known and reputable package, the installation of external code is a necessary step for the skill's operation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 05:51 PM