The Agent Skills Directory

[PROMPT_INJECTION]: The skill is designed to ingest and analyze user-provided documents in various formats to identify QMS documentation gaps, creating a surface for indirect prompt injection. 1. Ingestion points: The agent is instructed to read files from a user-provided directory for summarization and analysis (specifically mentioned in the 'Assess Current State' workflow in SKILL.md). 2. Boundary markers: Absent. The instructions do not specify the use of XML tags or other delimiters to isolate the content of user documents from the agent's instructions. 3. Capability inventory: The skill has the ability to execute shell commands (running the analysis script) and perform file system read operations. 4. Sanitization: Absent. The scripts/gap_analyzer.py script performs direct string matching on document content without filtering or sanitizing inputs.
[COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script to perform automated gap analysis on documentation. Evidence: python scripts/gap_analyzer.py --docs-dir <path_to_docs> --output gap-report.json as described in SKILL.md. Analysis: The executed script is part of the skill's package, uses only standard Python libraries, and does not exhibit malicious behavior such as network exfiltration or unauthorized file access.

iso-13485-certification