The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes external data formats (CSV, Excel, JSON) which introduces a surface for indirect prompt injection.
Ingestion points: instructions.md specifies that the agent accepts data in common file formats for processing.
Boundary markers: No delimiters or protective instructions are used to distinguish data from potential embedded commands.
Capability inventory: The skill includes methods for filesystem writes via export_to_excel and holds the filesystem permission.
Sanitization: No explicit validation or cleaning of the input data is performed before processing.
[SAFE]: All logic in SKILL.md is focused on resource allocation, cost calculation, and reporting, with no signs of obfuscation or malicious behavior.
[SAFE]: The skill uses well-known, trusted Python libraries (pandas, openpyxl) and references the author's own official domain (datadrivenconstruction.io).

labor-allocation