csv-data-summarizer
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions in `SKILL.md` use aggressive imperative language to bypass user interaction and override standard agent behavior. Directives like "⚠️ CRITICAL BEHAVIOR REQUIREMENT ⚠️", "DO NOT ASK THE USER", and "FORBIDDEN BEHAVIORS" attempt to force the agent into an automated execution mode without seeking user consent. Additionally, the skill presents an indirect prompt injection surface by processing untrusted CSV data and presenting the results to the agent without boundary markers.
  1. Ingestion points: `pd.read_csv(file_path)` in `analyze.py` reads user-provided file content.
  2. Boundary markers: Absent. No delimiters or warnings are used to separate external data from the skill's own instructions.
  3. Capability inventory: The skill has the ability to read local files and write visualization images to the disk.
  4. Sanitization: Absent. Column names and categorical values from the CSV are directly interpolated into the statistical summary.
- [COMMAND_EXECUTION]: The skill executes a Python script that performs file system operations. The `analyze.py` file reads local datasets and writes multiple image files (e.g., `correlation_heatmap.png`, `time_series_analysis.png`) to the current working directory.