data-pro-max

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: Multiple scripts (including src/datapro/converter.py, src/datapro/reporter.py, and src/datapro/data/skills/document-converter/scripts/compile_report.py) invoke system utilities such as pandoc, xelatex, pdftotext, tesseract, and mmdc (Mermaid CLI) via subprocess.run(). These calls are used to perform document conversions and render charts, which are core functionalities of the reporting engine.
  • [EXTERNAL_DOWNLOADS]: The src/datapro/engine.py script uses the DuckDB engine to download and install extensions (httpfs, icu) at runtime. Additionally, src/datapro/data/skills/document-converter/scripts/markdowner_mistral.py interacts with the Mistral AI API for OCR tasks. These operations involve network communication with established, well-known technology providers.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8). It is designed to ingest and summarize external data from CSV, Excel, and PDF files. The instructions (e.g., in survey-analysis-pipeline.md) direct the agent to analyze results generated from these untrusted sources without explicit boundary markers or sanitization to prevent the execution of instructions that might be embedded within the data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 05:54 AM