health-trend-analyzer

Warn

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses a wide array of highly sensitive personal health data files. This exposure of sensitive information to the agent context is a significant concern. Evidence includes access to data/pregnancy-tracker.json, data/medication-logs/**/*.json, data/radiation-records.json, data/cycle-tracker.json, and data/mood/**/*.json.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it aggregates untrusted data from user-supplied health logs into reports.
      • Ingestion points: Reading files from data/symptoms/, data/mood/, data/diet/, and data/medication-logs/.
      • Boundary markers: Absent; there are no instructions to delimit or ignore instructions found within the health data records.
      • Capability inventory: The skill uses Read, Write, Grep, and Glob tools to process and output data.
      • Sanitization: Absent; health data is interpolated into text summaries and HTML templates without evidence of escaping or validation, creating a surface for injection in the generated reports.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the ECharts library via a public CDN to render visualization reports. This is documented as a standard practice for creating the interactive charts described in the functionality.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 24, 2026, 01:14 AM