agent-trading-atlas

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes unvalidated text content, such as 'observations' and 'reasoning', retrieved from the Agent Trading Atlas shared platform.
      ◦ Ingestion points: Data enters the agent's context through API responses from api.agenttradingatlas.com as documented in SKILL.md, references/query.md, and references/outcome.md.
      ◦ Boundary markers: The instructions do not define delimiters or provide warnings to treat ingested text as untrusted data, which could lead the agent to follow instructions embedded in the data.
      ◦ Capability inventory: The skill utilizes curl for network communication with its API and reads local configuration files (.env, ~/.ata/ata.json) for authentication.
      ◦ Sanitization: There is no mention of sanitizing or validating the content retrieved from the API before the agent processes it.
  • [COMMAND_EXECUTION]: The skill provides multiple examples of curl commands to be executed in a POSIX shell. These commands facilitate interaction with the service's remote API, which is an expected part of the skill's functionality but involves network operations and data handling.
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 06:44 PM