The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to ingest and analyze external time-series data (e.g., CSV files).
Ingestion points: Processes historical time-series data from user-provided or local files as described in SKILL.md and assets/README.md.
Boundary markers: Absent. The instructions do not include delimiters or specific guidance for the agent to ignore potentially malicious instructions embedded within the data files.
Capability inventory: The skill is granted high-privilege tools including Bash(cmd:*), Write, and Edit in SKILL.md, which could be exploited if malicious instructions are successfully injected via a data file.
Sanitization: Absent. No evidence of input validation or escaping for the data being processed.
[NO_CODE]: Several core script files required for the skill's primary functionality are missing.
Evidence: The file scripts/README.md explicitly lists forecast.py, evaluate.py, and preprocess.py as bundled resources, but these files are not present in the skill directory.

forecasting-time-series-data