engineering-features-for-machine-learning

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted, user-provided datasets (CSV files) while being granted broad execution capabilities. Malicious instructions embedded in the data could influence the agent during the automated feature engineering process.
      • Ingestion points: Data is loaded from user-specified paths in assets/feature_engineering_template.ipynb and referenced in assets/configuration_template.yaml.
      • Boundary markers: The instructions contain no delimiters or explicit directives to treat ingested data as untrusted content, which increases the risk of the agent following instructions found within the data.
      • Capability inventory: The skill frontmatter in SKILL.md allows the Bash(cmd:*), Read, Write, and Edit tools, providing a powerful execution environment for any injected commands.
      • Sanitization: There is no evidence of input validation, schema enforcement, or data sanitization before external files are processed.
  • [SAFE]: A functional discrepancy was identified in scripts/feature_importance_analyzer.py. The script's documentation and scripts/README.md claim it performs advanced machine learning analysis (SHAP and permutation importance), but the code actually implements a basic directory scanner that reports file counts and sizes. While its metadata is misleading, the script's actual behavior is not malicious and appears to be a placeholder or an implementation error.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 08:36 PM