The Agent Skills Directory

[SAFE]: The skill's functionality is transparent and strictly limited to visualization assistance, with no signs of malicious intent or unauthorized access.
[PROMPT_INJECTION]: The skill processes user-supplied data to generate code, which constitutes an indirect prompt injection surface. This is an architectural characteristic of visualization tools where instructions could theoretically be hidden in data. 1. Ingestion points: User-provided data inputs described in the workflows within SKILL.md. 2. Boundary markers: No delimiters are used to wrap user data or distinguish it from instructions. 3. Capability inventory: The skill generates executable JavaScript and Python code for chart rendering. 4. Sanitization: No explicit validation or filtering of user input is specified.
[EXTERNAL_DOWNLOADS]: The skill references JavaScript libraries from the well-known jsdelivr.net CDN for chart initialization in generated HTML code.
[REMOTE_CODE_EXECUTION]: The skill recommends installing a resource from the mindverse GitHub organization, which is a common practice for extending functionality within the platform's ecosystem.

data-viz