eae-sln-overview

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION

Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and summarize data from EcoStruxure Automation Expert (EAE) projects, creating a significant surface for indirect prompt injection attacks.
  • Ingestion points: The skill reads a wide variety of project files, including *.doc.xml (documentation), *.fbt (function blocks), System.sys (topology), and README.md. These files are typically user-controlled or attacker-controlled if the project is sourced from the internet.
  • Boundary markers: Absent. The analyze_project.py script does not implement any delimiters or "ignore instructions" tags to prevent the AI from obeying instructions found within the parsed data.
  • Capability inventory: The script performs extensive file-system reads within the target directory and has the ability to write reports to the local filesystem via the --output parameter.
  • Sanitization: No sanitization or filtering of the extracted text (particularly from documentation and descriptions) is performed before it is included in the markdown or JSON output.
  • Unverifiable Dependencies (LOW): The orchestrator script analyze_project.py attempts to import nine local modules (e.g., parse_solution, parse_system_topology, calculate_quality) that are listed in SKILL.md but are not provided in the skill package files. This prevents a thorough security review of the actual parsing and analysis logic performed by the tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:21 PM