mlb-category-state-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill retrieves current matchup statistics from Yahoo Sports and schedule data from MLB.com. These are well-known services, and the data is essential for the skill's intended purpose of fantasy baseball analysis.
- [SAFE]: The skill processes data from external websites, which represents an attack surface for indirect prompt injection. However, the risk is categorized as safe because the processing logic specifically extracts numeric totals and ratios (such as R, HR, RBI, and OBP) for statistical modeling rather than interpreting or executing natural language instructions from the fetched content. Evidence Chain:
  - (1) Ingestion points: Yahoo matchup pages and MLB.com schedule pages.
  - (2) Boundary markers: Data is expected to be in numeric or decimal format for extraction into structured projection dictionaries.
  - (3) Capability inventory: The skill generates markdown signal files and delegates math to a sibling simulation skill, but lacks high-privilege capabilities like arbitrary shell access.
  - (4) Sanitization: Targeted numeric extraction and ratio calculations provide inherent sanitization against natural language instruction injection.