yistc-linear-research

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data from an external platform (Linear).
  • Ingestion points: get_issue and list_comments tools are used to retrieve potentially attacker-controlled text as described in SKILL.md.
  • Boundary markers: The skill does not define clear delimiters or instruct the agent to ignore instructions embedded within the retrieved issue data.
  • Capability inventory: The skill utilizes save_comment and delete_comment tools, providing a write-back path to the external platform.
  • Sanitization: There is no evidence of input validation or sanitization for the data retrieved from Linear before it is processed by the model.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 12:58 PM