NYC

prompt-optimization

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill's primary function is to transform user-provided text, which creates a surface for indirect prompt injection. Ingestion points: untrusted user prompts supplied via the Quick Start section of SKILL.md, and CSV data described in data-analysis-example.md. Boundary markers: the skill uses XML-like tags to structure the agent's response, but it does not instruct the agent to ignore instructions or 'jailbreak' attempts embedded within the user's input. Capability inventory: the skill assumes the agent has access to Model Context Protocol (MCP) tools, Python execution for data analysis, and the ability to write to the file system (e.g., progress.txt). Sanitization: there is no evidence of input validation or sanitization routines that filter the content being optimized.
  • Command Execution (SAFE): The skill includes Python code snippets for data analysis in data-analysis-example.md; however, these are provided as static documentation templates and do not involve the dynamic execution of untrusted external scripts or commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:12 PM