constraints-scheduling
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill requires the agent to ingest untrusted external data (calendar/ICS files) and then perform execution tasks (writing and running verification scripts). This combination allows for a scenario where malicious content in a calendar file could influence the agent's logic or the scripts it generates.
  - Ingestion points: External ICS/calendar files described in Phase 1.
  - Boundary markers: No specific delimiters or instruction-guards are defined for the data processing phase.
  - Capability inventory: Phase 3 and Best Practices mandate writing and executing scripts (subprocess/exec capability).
  - Sanitization: Phase 1 includes an integrity check and recommends proper parsers, which mitigates file-level corruption but does not prevent content-based prompt injection.
- Dynamic Execution (LOW): The skill instructs the agent to generate and run scripts for constraint checking. While appropriate for the task, automated code generation and execution are a form of dynamic execution that increases the overall risk profile when combined with external inputs.
Recommendations
- AI detected serious security threats
Audit Metadata