creating-financial-models
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill has an attack surface for indirect prompt injection due to its core function of processing external data.
  - Ingestion points: Processes historical financial statements, revenue growth assumptions, and scenario definitions from external files or user input.
  - Boundary markers: The skill documentation does not define delimiters or specific instructions to ignore malicious prompts embedded within financial data.
  - Capability inventory: Includes execution of Python scripts (dcf_model.py and sensitivity_analysis.py) to perform complex calculations and generate Excel workbooks.
  - Sanitization: There is no mention of input validation or sanitization for the data processed by the modeling engine.
Audit Metadata