The Agent Skills Directory

PROMPT_INJECTION (LOW): The skill processes external PDF documents (scripts/pdf_intelligence.py) to extract text for appraisal. This constitutes an indirect prompt injection surface where malicious instructions in a document could influence the agent's reasoning during the evidence matching process (scripts/semantic_search.py). No sanitization or boundary markers are implemented for the extracted text. Evidence Chain: Ingestion: PDF files; Boundaries: Absent; Capability: Internal reasoning/report generation; Sanitization: Absent.
EXTERNAL_DOWNLOADS (INFO): The script 'scripts/semantic_search.py' utilizes the 'sentence-transformers' library, which automatically downloads pre-trained models from HuggingFace. HuggingFace is a trusted organization, so this finding is downgraded to INFO per [TRUST-SCOPE-RULE].

network-meta-analysis-appraisal