find-skills

Warn

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: MEDIUM

Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the npx skills CLI to perform searches and manage installations. Commands such as npx skills find, npx skills add, npx skills check, and npx skills update are executed directly within the agent's shell environment.
  • [EXTERNAL_DOWNLOADS]: The functionality relies on downloading packages from external sources, specifically GitHub repositories via the npx skills add <owner/repo@skill> command. While the documentation mentions trusted sources like vercel-labs/agent-skills, the command allows installation from any provided repository path.
  • [REMOTE_CODE_EXECUTION]: The skill enables the installation and subsequent execution of remote code. The recommendation to use the -y flag (skipping confirmation) and the -g flag (global installation) significantly elevates the risk by allowing automatic execution of potentially malicious code from third-party repositories.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via tool output poisoning. It processes untrusted data from external registries when running search commands.
    1. Ingestion: External metadata and descriptions returned by npx skills find.
    2. Boundary markers: Absent; no delimiters are used to wrap the untrusted output.
    3. Capability inventory: Ability to install and update software (npx skills add/update).
    4. Sanitization: Absent; the skill does not validate or sanitize search results before presenting them to the user or acting on them.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 13, 2026, 06:59 AM