tax-check

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses pnpm report and pnpm gains to run local scripts for tax calculation and report generation.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external financial records.
      • Ingestion points: Reads data from normalized/capital-gains.json, normalized/w2-data.json, normalized/charitable-donations.json, and reports/tax-ready/form-8949-c.csv.
      • Boundary markers: There are no boundary markers or instructions provided to the agent to treat file content as untrusted data or to ignore embedded instructions.
      • Capability inventory: The skill has command execution capabilities via pnpm and access to sensitive local file paths.
      • Sanitization: There is no evidence of sanitization, escaping, or validation of the content within the financial files before they are interpolated into the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 02:26 PM