The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (SAFE): The skill requires standard, well-known Python packages including pandas, numpy, yfinance, and scikit-learn. These are reputable libraries widely used in financial data science.\n- [DATA_EXFILTRATION] (SAFE): The fetch_data.py script performs network requests to api.coingecko.com and Yahoo Finance. These operations are strictly for fetching public historical price data, which is the primary purpose of the skill, and no sensitive local data is accessed or transmitted.\n- [COMMAND_EXECUTION] (SAFE): The skill uses Bash(python:*) to execute its internal logic scripts. The commands are parameterized and do not incorporate unvalidated external input in a way that leads to arbitrary code execution.\n- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests external market data and user-provided JSON parameters. While this represents a theoretical attack surface, the data is numeric/structural and processed via standard libraries (pandas, json), posing minimal risk. Evidence: Ingestion in fetch_data.py (API data) and optimize.py (CLI arguments); Boundary markers: Absent; Capability inventory: Bash, Write; Sanitization: Numeric parsing in pandas.

backtesting-trading-strategies