NYC

analyzing-financial-statements

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and interpret data from external sources (CSV, JSON, and Excel). This creates a vulnerability surface where malicious instructions could be embedded in financial line items to influence the agent's output or reasoning.
      • Ingestion points: Financial data provided via file uploads or text descriptions (SKILL.md).
      • Boundary markers: None mentioned in the provided documentation to distinguish between data and instructions.
      • Capability inventory: The skill generates interpretations, insights, and formatted Excel reports based on the input data.
      • Sanitization: No sanitization or validation steps are documented for the incoming financial text/data.
  • No Code (INFO): The markdown refers to two scripts, calculate_ratios.py and interpret_ratios.py, which were not provided for analysis. The evaluation is based strictly on the descriptive markdown instructions.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 04:45 AM