zeberg-salomon-rotator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): The skill's instructions are strictly instructional and pertain to financial modeling. No patterns designed to bypass safety filters or override agent behavior were detected.
  • Data Exposure & Exfiltration (SAFE): The skill fetches data from trusted financial domains (fred.stlouisfed.org and finance.yahoo.com). It does not access sensitive local files (e.g., SSH keys, AWS credentials) or contain hardcoded secrets. Network operations are aligned with the intended primary purpose.
  • Obfuscation (SAFE): No evidence of Base64, zero-width characters, homoglyphs, or other encoding techniques intended to hide malicious logic was found.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill relies on standard, reputable Python libraries (pandas, yfinance, requests). It does not execute remote scripts or use dangerous dynamic execution functions like eval() or exec() on external input.
  • Indirect Prompt Injection (SAFE): The skill has a data ingestion surface (FRED CSVs and Yahoo Finance tickers). However, the implementation in scripts/fetch_data.py enforces numeric conversion (pd.to_numeric(..., errors='coerce')), which effectively sanitizes the data and prevents any embedded text-based instructions from influencing the agent's logic.
      • Ingestion points: fetch_data.py (FRED/Yahoo Finance)
      • Boundary markers: Absent in prompts, but structurally enforced in code.
      • Capability inventory: Local script execution (rotator.py, visualize.py).
      • Sanitization: Present (strict numeric coercion of all incoming macro data).
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:24 PM