policy-compliance-check
Warn
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions that facilitate the bypass of financial controls and ethical standards. Specifically, for expenses exceeding limits by more than 20%, it suggests that users 'change the over-limit part to a compliant category' to pass the check. This promotes the misrepresentation of financial data to circumvent the established policy.
- [COMMAND_EXECUTION]: The skill performs file system access by reading '../../CLAUDE.md'. This relative path access implies the ability to read files outside the immediate skill folder, which could be exploited to access sensitive information if the environment is not restricted.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection. It ingests untrusted data via argument-hint parameters (rank, city, amounts) which are used in compliance calculations. There are no boundary markers or sanitization processes mentioned to prevent malicious input from overriding the intended logic or polluting the final report.
Audit Metadata