The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill's primary function involves ingesting data from external sources like Gmail and Google Chat, creating a surface for potential indirect prompt injection. -- Ingestion points: Processes email action items and chat-based standup reports. -- Capability inventory: The skill can create chat messages, update spreadsheets, and manage calendar events via the gws tool. -- Boundary markers: The instructions do not define specific delimiters for separating untrusted input from system prompts. -- Sanitization: User tips explicitly recommend the use of the --sanitize flag for operations involving sensitive data, which is a significant mitigating factor.

persona-team-lead