hot-rank-sentiment-monitor

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external financial sources.
      • Ingestion points: Data fetched from East Money and Xueqiu as described in SKILL.md and references/data-queries.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided files.
      • Capability inventory: The skill has the ability to execute shell commands and run Python scripts (references/data-queries.md).
      • Sanitization: No evidence of data sanitization or filtering of external content was found.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run various shell commands for environment management and script execution. Evidence: Instructions in references/data-queries.md to activate virtual environments and run views_runner.py scripts.
  • [EXTERNAL_DOWNLOADS]: The skill installs Python dependencies at runtime from a local path. Evidence: python -m pip install -r ../findata-toolkit-cn/requirements.txt in references/data-queries.md.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 10, 2026, 03:23 AM