The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill's instructions in 'SKILL.md' (Step 1: Data Loading and Validation) explicitly list Python 'pickle' as a supported data format for complex objects. Deserializing pickle files is inherently dangerous when the source is untrusted, as it can be exploited to execute arbitrary code on the system.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its data processing workflow. Ingestion points: Untrusted data enters the agent context from experimental results files (CSV, JSON, Pickle, TensorBoard) as defined in 'SKILL.md' and 'USAGE.md'. Boundary markers: The instructions do not specify any delimiters or safety warnings to prevent the agent from obeying instructions potentially embedded within these data files. Capability inventory: The skill leverages 'read_file' for ingestion and 'write_file' to produce various artifacts like 'analysis-report.md' and 'results-draft.md'. Sanitization: There are no instructions for sanitizing, escaping, or validating the content of the external files before they are processed or included in generated outputs.

inno-experiment-analysis