The Agent Skills Directory

[Indirect Prompt Injection] (MEDIUM): The skill processes untrusted external CSV data which can be used to inject instructions into the agent's context during data analysis.
Ingestion points: The scripts/pivot_table_generator.py file reads external data using pd.read_csv(args.data) at line 86.
Boundary markers: Absent. The data is parsed directly into a pandas DataFrame without delimiters or instructions to the agent to ignore embedded content.
Capability inventory: The script has the capability to read local files via pd.read_csv and write to the local filesystem using to_csv, to_excel, to_html, and plt.savefig (lines 53-61, 70-76).
Sanitization: Absent. The script relies on standard pandas parsing which does not filter for Natural Language instructions embedded in data fields.
[Data Exposure] (LOW): The script accepts arbitrary file paths via CLI arguments for both input (--data) and output (--output). An attacker could potentially trick the agent into reading sensitive configuration files as CSVs or overwriting critical files with pivot table data.

pivot-table-generator