imagen
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, NO_CODE
Full Analysis
- Persistence Mechanism (HIGH): The README.md and reference.md files instruct users to append environment variables to shell profiles (e.g., ~/.zshrc) and PowerShell profiles ($PROFILE). If an AI agent executes these instructions, it establishes a persistence mechanism by modifying the environment across all future sessions.
- External Downloads (MEDIUM): The skill directs the agent to install components from an untrusted source ('sanjay3290/ai-skills'). This source is not part of the trusted developer list and poses a supply chain risk.
- Incomplete Implementation (HIGH): The core logic file 'scripts/generate_image.py' is referenced as the primary execution point for interacting with the Google Gemini API and writing images to the disk, but it is not provided in the skill package. Its behavior regarding sensitive data handling and file system access cannot be verified.
- Indirect Prompt Injection Surface (HIGH): The skill is designed to process untrusted user input (image prompts) and possesses both network access and file-write capabilities. Without the source code for the generation script, it is impossible to determine if the skill implements boundary markers or sanitization to prevent malicious prompts from causing unauthorized file writes or data exfiltration.
Recommendations
- AI detected serious security threats
Audit Metadata