The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill ingests untrusted data from /docs/course-description.md and uses the extracted information to update mkdocs.yml and generate reports. • Ingestion points: /docs/course-description.md. • Boundary markers: Absent. • Capability inventory: File-write operations to /docs/course-description.md, docs/learning-graph/course-description-assessment.md, and mkdocs.yml. • Sanitization: No explicit validation or escaping of the course content before interpolation into reports or YAML.- [Command Execution] (SAFE): The skill uses mkdir -p to ensure directory structures exist for reporting. This is a standard and benign use of system commands.- [Data Exposure & Exfiltration] (SAFE): No sensitive file access or network communication patterns were detected. File operations are confined to the local project documentation.

course-description-analyzer