The Agent Skills Directory

[PROMPT_INJECTION]: The skill is designed to analyze and refactor user-provided Python scripts (untrusted input) using powerful tools like Read, Write, and Edit. This configuration creates a surface for indirect prompt injection, as malicious instructions within the user code could potentially influence the agent's behavior. 1. Ingestion points: User scripts matched by the glob '**/dask_analysis/*.py'. 2. Boundary markers: The skill's instructions do not define specific delimiters or include directives for the agent to ignore instructions embedded in the input data. 3. Capability inventory: The skill has access to the Read, Write, and Edit tools. 4. Sanitization: No validation or filtering is applied to the content of the processed files.
[COMMAND_EXECUTION]: The documentation includes a directive for the agent to execute a shell command to read an internal memory file. Evidence: SKILL.md contains 'cat .claude/context/memory/learnings.md'. This is a recognized pattern for maintaining context persistence in certain agent frameworks and is not considered a malicious exploitation of privileges.

large-data-with-dask