dapianke

The skill is designed to manage course design projects by reading from and writing to markdown files in a user-specified directory. This creates a significant vulnerability: the agent is instructed to accept a user-provided path for file operations without any explicit sanitization or restriction, potentially allowing arbitrary file writes or reads (e.g., via path traversal). Furthermore, the agent is instructed to load the content of these user-controlled files directly into its context, which is a clear prompt injection vector. While the stated purpose is legitimate project persistence, the implementation exposes the agent to high-risk file system manipulation and prompt injection from untrusted data, making it suspicious.