topic-agent
Warn
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: MEDIUM
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill hardcodes a specific local file path for output operations: /Users/ugreen/Documents/obsidian/选题库/每日选题/MMDD-选题名称.md. Accessing or writing to specific user profile directories (/Users/<username>) is a security and privacy concern as it targets a specific local environment and exposes the author's local username.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external sources including Reddit, Product Hunt, and various AI blogs through web searches. It lacks explicit boundary markers or instructions to the agent to ignore potentially malicious instructions embedded in the search results. Because the agent is also instructed to write files to the local system based on this data, it presents an indirect prompt injection surface.
Audit Metadata