The Agent Skills Directory

[PROMPT_INJECTION] (LOW): The skill possesses an indirect prompt injection surface (Category 8). 1. Ingestion points: User-provided search queries are ingested through search.py. 2. Boundary markers: No explicit delimiters or instructions are used to separate external results from agent instructions in format_output. 3. Capability inventory: The skill is restricted to local CSV file retrieval and stdout printing, with no network or write access. 4. Sanitization: Basic sanitization is performed in BM25.tokenize using regex to strip punctuation and normalize input.
[COMMAND_EXECUTION] (SAFE): Script execution is limited to local Python files used for querying data. The implementation avoids unsafe primitives such as eval(), os.system(), or exec() for processing search terms.
[EXTERNAL_DOWNLOADS] (SAFE): The documentation refers to trusted system package managers (apt, brew, winget) for installing Python 3. These are verified and standard sources for environment prerequisites.

ui-ux-pro-max