The Agent Skills Directory

[PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it ingests untrusted data from local codebases and user-provided JSON files, which is then rendered directly into markdown reports. If a scanned file contains adversarial text, it could be interpreted as instructions by an agent reading the output.
Ingestion points: scripts/gdpr_compliance_checker.py recursively scans files in a user-specified project path, and scripts/dpia_generator.py reads processing activity details from an external JSON file provided via the --input flag.
Boundary markers: The generated Markdown reports and console outputs do not utilize delimiters or explicit instructions to ignore embedded content, which would otherwise help distinguish between data and instructions.
Capability inventory: The skill scripts utilize standard file system operations (reading files and writing reports) but do not execute shell commands, perform network operations, or use dynamic execution functions like eval() or exec().
Sanitization: There is no evidence of sanitization or escaping of the content retrieved from scanned files or JSON inputs before it is interpolated into the report templates.

gdpr-dsgvo-expert