Agent Safety and Prompt-Injection Review

这个技能训练什么

面向 2026 年 AI 工作流的专业内容：Review tool-using agents for prompt injection, data exfiltration, hidden instructions, and unsafe autonomy.

This skill is based on 2026 demand around GitHub AI-agent repositories, Product Hunt prompt and agent launches, X discussions about Claude Code skills, and the rise of reusable agent workflows.

工作流程

1. Define the user job, environment, target model or agent, and acceptable autonomy level.
2. Collect official docs, repository evidence, community signals, and practical examples before writing instructions.
3. Turn the workflow into reusable steps with inputs, outputs, constraints, and review points.
4. Add failure modes: missing context, stale sources, prompt injection, over-broad permissions, weak evals, or unclear ownership.
5. Test the skill on a small real task, revise the trigger, and document when not to use it.

质量门控

• The skill must be recognizable without the title because it contains domain-specific steps.
• It must produce an artifact a human can inspect: checklist, table, plan, prompt, eval set, or implementation brief.
• It must state boundaries and escalation points instead of encouraging blind automation.
• It must include at least two source types: official/project sources and community or launch evidence.

趋势依据

• GitHub AI agents topic: https://github.com/topics/ai-agents
• GitHub agent-skills topic: https://github.com/topics/agent-skills
• Product Hunt prompt tools: https://www.producthunt.com/categories/prompt-engineering-tools?order=recent_launches
• Product Hunt AI agents: https://www.producthunt.com/categories/ai-agents?order=recent_launches
• X community signal on Claude skills: https://x.com/code_87k/status/2035877130874351939