wellally-tech

Fail

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit instructions for the agent or user to execute local Python scripts using shell commands with user-controlled arguments. For example, the commands python scripts/import_apple_health.py ~/Downloads/apple_health_export.zip and python scripts/import_generic.py health_data.csv --mapping mapping_config.json involve passing potentially untrusted file paths and configuration files directly into a shell execution context.
  • [DATA_EXFILTRATION]: The skill accesses and processes highly sensitive personal health information (PHI), including heart rate, blood pressure, sleep records, and weight history stored in files such as data/profile.json and data/blood-pressure/**/*.json. Accessing this category of sensitive data without strict compartmentalization increases the risk of inadvertent exposure or harvesting by malicious instructions.
  • [EXTERNAL_DOWNLOADS]: The skill integrates with external health platforms via APIs (Fitbit and Oura Ring) using the requests library. While targeting well-known services, these network operations involve the transmission of health-related metadata and synchronization of user records.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted external data files.
    ◦ Ingestion points: Data enters the system via Apple Health ZIP/XML exports, Fitbit CSVs, and generic CSV/JSON files (readAppleHealthExport, readGenericFile).
    ◦ Boundary markers: The workflow does not specify the use of delimiters or 'ignore embedded instructions' warnings when parsing these external files.
    ◦ Capability inventory: The skill has the capability to write to the local filesystem (saveToLocalFile), read various local data stores, and execute shell scripts.
    ◦ Sanitization: While data type and range validation are mentioned, there is no evidence of prompt-level sanitization to prevent instructions embedded in health records from influencing the agent's behavior during report generation or health status analysis.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 6, 2026, 12:52 AM