AGENT LAB: SKILLS

day2-supplement-mcp

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The skill instructs the user to run terminal commands that download and execute code from third-party package registries without verification. Evidence: references/block1-add-server.md suggests npx -y @upstash/context7-mcp@latest, which resolves to whatever version is current at run time, with no version pin and no integrity check.
  • EXTERNAL_DOWNLOADS (HIGH): The skill references multiple external code sources and community marketplaces outside the trusted scope. Evidence: references/block4-plugin-mcp.md suggests adding the obra/superpowers-marketplace marketplace.
  • COMMAND_EXECUTION (HIGH): The skill's primary function is to reconfigure the agent environment through high-privilege commands, namely the claude mcp add terminal command and the /plugin install slash command in Claude Code.
  • PROMPT_INJECTION (HIGH): The skill creates a significant indirect prompt injection surface by connecting the agent to untrusted external data (Slack, Gmail, Notion) while granting it CLI access.
    1. Ingestion points: MCP servers (Slack, Gmail, Notion, Fetch), as documented in references/block3-popular-servers.md.
    2. Boundary markers: absent; the agent is given no instruction to treat external tool outputs as untrusted.
    3. Capability inventory: terminal and command execution access via Claude Code.
    4. Sanitization: absent; content fetched from external sources is processed directly by the agent without filtering.
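The four findings above are all pattern checks over the skill's reference files: unpinned npx invocations, environment-modifying commands, marketplace additions outside a trusted set, and untrusted data sources with no boundary instruction. The script below is an added example of such a lint, not the Trust Hub's own analyzer or any code from the skill. The sample file contents are constructed here to mirror the cited evidence; @example/slack-mcp and the empty TRUSTED_MARKETPLACES allow-list are hypothetical placeholders.

```python
"""Lint a skill's reference files for the four risk patterns named in the audit.

Added example, not the Trust Hub analyzer or the skill's own code. The file
contents below are constructed to mirror the evidence cited in the report;
@example/slack-mcp is a hypothetical package name.
"""
import re
from dataclasses import dataclass

# Constructed sample: path -> markdown fragment, echoing the audit's evidence.
SAMPLE_REFERENCES = {
    "references/block1-add-server.md":
        "Add Context7:\n"
        "claude mcp add context7 -- npx -y @upstash/context7-mcp@latest\n",
    "references/block3-popular-servers.md":
        "Popular servers: Slack, Gmail, Notion, Fetch.\n"
        "claude mcp add slack -- npx -y @example/slack-mcp\n",   # hypothetical package
    "references/block4-plugin-mcp.md":
        "/plugin marketplace add obra/superpowers-marketplace\n"
        "/plugin install superpowers@superpowers-marketplace\n",
}

# Marketplaces the operator has vetted (hypothetical placeholder). Empty means
# every marketplace addition is reported as outside the trusted scope.
TRUSTED_MARKETPLACES: frozenset[str] = frozenset()

# Data sources whose content the agent cannot trust, and phrases that would
# count as a boundary instruction if the skill contained them.
UNTRUSTED_DATA_SOURCES = ("slack", "gmail", "notion", "fetch")
BOUNDARY_PHRASES = ("untrusted", "do not follow instructions")

# npx -y <pkg>[@version]; group 1 is the (possibly scoped) package, group 2 the version.
NPX_RE = re.compile(r"npx\s+(?:-y|--yes)\s+(@[\w.-]+/[\w.-]+|[\w.-]+)(?:@(\S+))?")
MARKETPLACE_RE = re.compile(r"/plugin\s+marketplace\s+add\s+(\S+)")
EXACT_VERSION_RE = re.compile(r"\d+\.\d+\.\d+(?:[-+][\w.]+)?")  # pinned exact version


@dataclass(frozen=True)
class Finding:
    path: str
    line: int          # 0 for file-level findings
    category: str
    severity: str
    detail: str


def lint_file(path: str, text: str) -> list[Finding]:
    """Return findings for one reference file."""
    findings: list[Finding] = []
    lowered = text.lower()
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = NPX_RE.search(line)
        if m:
            name, version = m.group(1), m.group(2)
            # A dist-tag such as @latest, or no version at all, is not a pin.
            if version is None or not EXACT_VERSION_RE.fullmatch(version):
                findings.append(Finding(
                    path, lineno, "REMOTE_CODE_EXECUTION", "HIGH",
                    f"npx -y runs {name}@{version or 'latest'} from the registry "
                    "without a pinned version or integrity check"))
        if "claude mcp add" in line or line.lstrip().startswith("/plugin install"):
            findings.append(Finding(
                path, lineno, "COMMAND_EXECUTION", "HIGH",
                f"environment-modifying command: {line.strip()}"))
        m = MARKETPLACE_RE.search(line)
        if m and m.group(1) not in TRUSTED_MARKETPLACES:
            findings.append(Finding(
                path, lineno, "EXTERNAL_DOWNLOADS", "HIGH",
                f"marketplace {m.group(1)} is outside the trusted scope"))
    # File-level check: untrusted sources wired in with no boundary instruction.
    sources = [s for s in UNTRUSTED_DATA_SOURCES if s in lowered]
    if sources and not any(p in lowered for p in BOUNDARY_PHRASES):
        findings.append(Finding(
            path, 0, "PROMPT_INJECTION", "HIGH",
            f"connects to untrusted data ({', '.join(sources)}) with no "
            "instruction to treat tool output as untrusted"))
    return findings


def lint_skill(files: dict[str, str]) -> list[Finding]:
    """Lint every reference file of a skill."""
    return [f for path, text in files.items() for f in lint_file(path, text)]


def risk_level(findings: list[Finding]) -> str:
    """Overall verdict: any HIGH finding fails the skill, as in the report above."""
    return "HIGH" if any(f.severity == "HIGH" for f in findings) else "NONE"


if __name__ == "__main__":
    results = lint_skill(SAMPLE_REFERENCES)
    print("Risk Level:", risk_level(results))
    for f in results:
        print(f"{f.path}:{f.line} {f.category} ({f.severity}): {f.detail}")
```

Pinning the package to an exact version (for example @upstash/context7-mcp@1.0.13 in place of @latest) clears only the REMOTE_CODE_EXECUTION check; the command still reconfigures the agent and the untrusted data sources still need a boundary instruction, so the other findings stand until the skill text addresses them.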
Recommendations
  • The automated analysis detected serious security threats; review the findings above before installing this skill.
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 04:13 PM