review-cet-writing

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Python scripts scripts/generate_report.py and scripts/convert_score.py as part of its standard workflow to process data and output results.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its report generation process.
      1. Ingestion points: User-provided text (essays or translations) is processed in SKILL.md and then passed to scripts/generate_report.py via a JSON intermediate.
      2. Boundary markers: There are no specific boundary markers or instructions to the agent to ignore embedded commands within the user text.
      3. Capability inventory: The skill uses scripts/generate_report.py, which has the capability to write HTML files to the local filesystem using pathlib.Path.write_text.
      4. Sanitization: The generate_report.py script uses simple string replacement (html.replace) to insert user text into an HTML template without any escaping or sanitization, which allows for potential HTML/JS injection if the user content contains malicious tags.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 01:02 PM