The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It is instructed to fetch and process external content from URLs (YouTube, podcasts, articles) using tools like WebFetch. There are no explicit instructions or boundary markers defined to guide the agent to disregard or sanitize potential malicious prompts or instructions that might be embedded within the source material (e.g., in a YouTube transcript).- [DATA_EXPOSURE]: The skill specifies a hardcoded local file path for saving output: /Users/ugreen/Documents/obsidian/每日播客/. While this is functional for the skill's purpose of archival, hardcoding specific user-level directory paths exposes the intended local file structure and assumes the presence of specific user directories.- [COMMAND_EXECUTION]: The instructions require the agent to use a 'Write' tool to automatically save the generated content to the local filesystem. This operation is central to the skill's utility for content management and archival.

content-digest