The Agent Skills Directory

[PROMPT_INJECTION]: The skill is designed to process data from external placeholders ([OA], [ERP], and [CASH]), which represents an indirect prompt injection attack surface if the source data is attacker-controlled. \n- Ingestion points: External business data from OA, ERP, and CASH systems (SKILL.md). \n- Boundary markers: Absent; there are no specific instructions to treat external data as untrusted or to use delimiters. \n- Capability inventory: The skill performs analytical tasks and generates reports; it does not include executable code or subprocess capabilities. \n- Sanitization: No data sanitization or validation steps are defined. \n- [NO_CODE]: No executable scripts or binaries are distributed with this skill, which limits the potential for direct malicious code execution.

payment-scheduling-cm