gobi-onboarding

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Categories: PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill monitors files in the _Settings_/Tasks/ directory to track the status of background pipelines (EIC, EDM, etc.). This mechanism creates a vulnerability surface for indirect prompt injection, as the agent is instructed to read and act upon the contents of files that may be generated or influenced by external, potentially untrusted processes.
      • Ingestion points: Task files located in the _Settings_/Tasks/ folder.
      • Boundary markers: Absent; the instructions do not specify delimiters or warnings for the agent to ignore embedded instructions within these files.
      • Capability inventory: The skill is authorized to update the BRAIN.md file, facilitate file synchronization to .gobi/syncfiles, and direct the user through various application settings.
      • Sanitization: Absent; there is no requirement for the agent to validate or sanitize the data retrieved from task files before using it in the conversation or file operations.
  • [DATA_EXFILTRATION]: The skill includes a feature called "Community 셋업" (Community Setup) which facilitates the sharing of the user's profile information by copying the BRAIN.md file to the .gobi/syncfiles directory. This process is correctly documented as a sharing action and includes a mandatory check for user consent before proceeding.
  • [EXTERNAL_DOWNLOADS]: The skill provides links to external informational resources (e.g., fortelabs.com, brunch.co.kr) and recommends the installation of third-party tools like Obsidian and its related browser extensions. These references are part of the skill's primary educational purpose for knowledge management onboarding.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 02:49 PM