The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (LOW): The skill specifies dependencies on standard, well-known Python packages (plotly, pandas, and kaleido) through a requirements.txt file. These are sourced from the public PyPI registry, which is a standard but external source.
[PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it ingests untrusted data from external files.
Ingestion points: The from_csv method in SKILL.md allows the agent to load and process data from arbitrary file paths.
Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the documentation for handling CSV content.
Capability inventory: The skill includes methods to write files to the local filesystem (save_html, save_image), which could be misused if an attacker-controlled CSV influences the agent's behavior.
Sanitization: There is no documentation regarding the sanitization of labels or values extracted from CSV files before they are rendered into HTML or used in further agent reasoning.

sankey-diagram-creator