The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes user-provided ticker symbols without comprehensive sanitization.
Ingestion points: The SYMBOLS command-line argument in scripts/insider_trading.py accepts untrusted user input.
Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the input data.
Capability inventory: The skill is intended to be executed via shell commands (uv run python) as described in SKILL.md.
Sanitization: Input symbols are processed with whitespace stripping and case normalization but are not validated against a strict allowed-list or escaped for shell safety.

insider-trading