The Agent Skills Directory

[Category 2: Data Exposure & Exfiltration] (SAFE): The skill requests sensitive business metrics such as MRR, ARR, and cash balances. This data is handled locally to generate markdown reports, and there are no instructions to exfiltrate this data via network tools or write it to sensitive system paths.
[Category 8: Indirect Prompt Injection] (SAFE): The skill has an ingestion surface for untrusted user data. 1. Ingestion points: User inputs during Step 1 (revenue, costs, growth). 2. Boundary markers: Absent. 3. Capability inventory: Read, Write, Edit, Bash, WebSearch, WebFetch. 4. Sanitization: Absent. Despite the surface, the instructions only use this data to generate a static financial report, posing no functional risk.
[Category 4: Unverifiable Dependencies & Remote Code Execution] (SAFE): No external scripts are downloaded or executed. While the 'Bash' tool is permitted in the metadata, the instructions do not invoke any shell commands.

startup-business-analyst-financial-projections