skills/adobe/skills/whitepaper/Gen Agent Trust Hub

whitepaper

Fail

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill contains explicit instructions to override standard AI agent safety behaviors and bypass user oversight. It commands the agent to never ask for permission, never wait for confirmation, and to ignore any impulse to ask the user questions, specifically stating: 'Wait for user confirmation... STOP and just execute'.
  • [COMMAND_EXECUTION]: The skill uses sudo to perform administrative tasks, including sudo apt-get update and sudo apt-get install. It also modifies system-level directories by installing binaries into /usr/local/bin and using chmod +x on downloaded content.
  • [COMMAND_EXECUTION]: The skill mandates a destructive operation where it automatically deletes the user's input Markdown file (rm -f <input.md>) immediately after processing without requesting confirmation, which can lead to unintentional data loss.
  • [EXTERNAL_DOWNLOADS]: The skill fetches executable binaries from GitHub's release infrastructure and pipes them directly to extraction tools before installing them to the system path. While targeting a well-known service, the automated and unattended nature of this installation is high-risk.
  • [PROMPT_INJECTION]: Indirect injection risk exists as the skill reads and processes user-provided Markdown files and YAML frontmatter, then interpolates this data into shell commands via Bash without evidence of sanitization or boundary markers.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 17, 2026, 06:49 AM