The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill exposes a surface where untrusted data from processed files could influence the agent's behavior.
Ingestion points: The scripts scripts/calculate_ice.py and scripts/calculate_rice.py ingest data from external CSV files provided by the user via the --csv argument.
Boundary markers: Absent. The scripts output the raw feature_name string from the CSV directly into the agent's observation space (stdout), providing no delimiters to separate data from instructions.
Capability inventory: Both Python scripts have the capability to write to the local filesystem via the --output argument. While intended for saving results, this could be abused to overwrite sensitive files if the agent is not properly constrained.
Sanitization: The scripts validate numerical values (Reach, Impact, Effort, etc.) as floats, which prevents injection in those fields. However, the feature_name string is not sanitized or escaped before being output to the console.

feature-impact-analyzer