The Agent Skills Directory

[SAFE]: The skill's logic is entirely focused on financial auditing and reporting using predefined templates. No malicious code or commands were found.\n- [PROMPT_INJECTION]: The skill ingests data from external sources ([PO] and [FA] systems). Although this represents a surface for indirect prompt injection, the risk is minimal because the input is used primarily to populate structured reports rather than as executable instructions.\n- [DATA_EXFILTRATION]: The skill reads from a local configuration file (../../CLAUDE.md) to establish business parameters like capitalization thresholds. This is a legitimate configuration pattern and does not involve unauthorized data exposure or transmission to external systems.

asset-acquisition-review