r-analyst

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs a large number of R packages. While most are from the official CRAN repository (a well-known service), the file techniques/01_core_econometrics.md includes a command to install the HonestDiD package directly from a personal GitHub repository (asheshrambachan/HonestDiD). This constitutes an unverifiable remote dependency.
  • [REMOTE_CODE_EXECUTION]: The skill is designed to generate and execute R scripts using the Rscript utility. The inclusion of remote package installation from unverified sources (GitHub) followed by execution of those packages provides a potential vector for remote code execution if the source repository were compromised.
  • [COMMAND_EXECUTION]: The skill utilizes several shell commands via the agent's environment, including Rscript for executing analysis, git for version control and progress tracking, and which to verify the presence of the R environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external data provided by the user.
      • Ingestion points: The skill reads external data from data/raw/ using read.csv and haven::read_dta. It also reads project configuration from project.yaml.
      • Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the provided templates when processing data.
      • Capability inventory: The skill can execute arbitrary R code via Rscript, write to the file system (saveRDS, write.csv, ggsave), and perform git operations.
      • Sanitization: There is no evidence of sanitization or filtering of the content within the data files before processing or before including summaries in the memos/analysis-memo.md file.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 06:46 AM