The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (LOW): The README instructs users to install standard Python packages (pandas, numpy, scipy, lifelines, matplotlib, pyyaml) via pip. These are well-established libraries in the data science community and do not originate from untrusted sources.
[COMMAND_EXECUTION] (LOW): The skill provides scripts for data processing and PDF generation (e.g., generate_survival_analysis.py). While these involve local command execution to perform calculations and generate charts, the operations are internal to the skill's purpose and do not show signs of arbitrary command injection or privilege escalation.
[DATA_EXFILTRATION] (SAFE): No network operations or commands aimed at accessing sensitive system files (like SSH keys or AWS credentials) were found. The skill operates on provided clinical datasets.
[INDIRECT_PROMPT_INJECTION] (LOW): As a clinical documentation tool, the skill ingests external patient data and trial results (Category 8). While this creates a surface for potential injection if malicious content were embedded in medical records, the skill's output is intended for LaTeX/PDF generation for medical professionals, which minimizes the risk of the agent taking automated high-privilege actions based on that data.

clinical-decision-support