The Agent Skills Directory

[DATA_EXFILTRATION]: Usage tracking telemetry detected in the plotting module. Evidence: In backtesting/_plotting.py, the _add_popcon function is called during chart generation. It injects a hidden iframe targeting https://kernc.github.io/backtesting.py/plx.gif.html, which exfiltrates the execution environment's origin URL for analytics.
[PROMPT_INJECTION]: Potential attack surface for indirect prompt injection via untrusted data ingestion. Ingestion point: examples/truth-social-trump-monitor.md fetches content from trumpstruth.org/feed and examples/btc-etf-flow-monitor.md scrapes data from farside.co.uk. Capability: The skill provides the agent with substantial access to trading APIs and account management. Sanitization: The provided Python examples do not implement specific sanitization or filtering to prevent embedded instructions in the external data from influencing the agent's behavior. Boundary markers: The instructions lack explicit delimiters or warnings to ignore embedded instructions in the processed data.
[COMMAND_EXECUTION]: Misleading metadata regarding the presence of executable scripts. Evidence: README.md explicitly claims the skill is 'documentation only' and contains 'no executable code, scripts, or binaries.' However, the repository bundles a complete, functional Python backtesting package in the backtesting/ directory and numerous functional Python scripts in the examples/ folder.

blave-quant