find-skills

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the downloading and installation of external code from GitHub repositories via the npx skills add command. Evidence: In SKILL.md, the instruction npx skills add <owner/repo@skill> -g -y bypasses confirmation and installs software from remote sources. While the documentation references trusted repositories from Vercel Labs, the command template allows for arbitrary third-party sources.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run CLI tools (npx skills) to perform searches and system-wide installations. Evidence: SKILL.md contains several bash blocks with commands such as npx skills find [query] and npx skills add <package>.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by taking untrusted user input as search queries and displaying output from external tool executions.
      1. Ingestion points: User-provided search terms are passed directly to npx skills find [query] in SKILL.md.
      2. Boundary markers: No delimiters or instructions are provided to the agent to ignore potentially malicious instructions within the tool's output.
      3. Capability inventory: The skill has the capability to execute shell commands and modify the environment by adding new skills.
      4. Sanitization: No sanitization or validation of the search query or the tool output is mentioned.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 10:15 PM