The Agent Skills Directory

[SAFE]: The skill provides educational functionality without requesting excessive permissions or performing suspicious operations. It uses local scripts with standard libraries for text analysis.
[INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted data from user-uploaded materials, which is an inherent attack surface for indirect prompt injection. Ingestion points: User-uploaded documents and images accessed via the /mnt/user-data/uploads/ directory. Boundary markers: Absent; the instructions do not explicitly warn the model to ignore instructions embedded within the uploaded materials. Capability inventory: The skill uses local Python scripts (analyze_material.py and generate_questions.py) for text analysis and question generation; these scripts do not possess network access, subprocess execution, or write-access capabilities. Sanitization: The analysis is performed using regular expressions and keyword frequency counts, which are non-executable text processing methods.

Geek-skills-university-exam-prep