obsidian-mcp-apps

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a host architecture for processing data from external MCP servers.
    • Ingestion points: Data enters via MCP server tool outputs and UI resource requests (SKILL.md).
    • Boundary markers: The design mandates human approval through elicitation modals for sensitive actions (architecture.md).
    • Capability inventory: Employs network requests via requestUrl, UI embedding through iframes, and vault file operations (plugin-scaffold.md).
    • Sanitization: Recommends a dedicated Permission service to enforce trust tiers and gate destructive operations (architecture.md).
  • [EXTERNAL_DOWNLOADS]: The plugin scaffold includes logic to load application runtimes into an iframe from a user-defined URL and uses requestUrl for connectivity health checks (plugin-scaffold.md). This functionality is consistent with the skill's primary purpose of hosting embedded applications and occurs within a user-controlled context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 02:49 PM