The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes external financial documents, which serves as a potential ingestion point for malicious instructions. Ingestion points: Text is extracted from PDFs and images using 'pypdf' and 'tesseract' in 'SKILL.md'. Boundary markers: The provided guidance does not include delimiters to isolate untrusted data. Capability inventory: The skill uses file system commands (cp, mv, rm) and package installation (pip, apt-get). Sanitization: Extracted document text is not sanitized before being utilized by the agent logic.

financial-document-processor