The Agent Skills Directory

[DATA_EXPOSURE]: The skill implements API interactions with well-known research platforms (Qualtrics and REDCap) using urllib.request. It correctly instructs the user to store sensitive API tokens in environment variables (QUALTRICS_API_TOKEN, REDCAP_API_TOKEN) rather than hardcoding them in the scripts.
[COMMAND_EXECUTION]: Includes documentation for scheduling the data collection script using a standard crontab entry, which is a routine administrative task for automation skills.
[INDIRECT_PROMPT_INJECTION]: The skill defines a surface for processing untrusted data by fetching survey responses from external APIs and remote CSV URLs.
Ingestion points: External data is ingested via export_qualtrics_responses, export_redcap_records, and pd.read_csv(source["url"]) in SKILL.md.
Boundary markers: None implemented for the ingested data.
Capability inventory: The skill has capabilities to write files (to_csv) and make network requests (API exports).
Sanitization: The skill performs schema normalization (renaming columns) and data validation (checking for duplicates/nulls) but does not sanitize the content for potential LLM instructions. However, the data is handled strictly as structured records within pandas DataFrames and is not used to influence agent prompts.

data-collection-automation