AGENT LAB: SKILLS

Creative Intelligence

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): Shell command injection vulnerability in scripts/scamper-prompts.sh and scripts/swot-template.sh.
      • Evidence: Both scripts interpolate user-controlled variables ($TOPIC and $SUBJECT) within unquoted heredoc blocks (<<EOF).
      • Risk: In Bash, unquoted heredocs allow for parameter expansion and command substitution. An attacker providing input such as $(id) or `whoami` would cause the script to execute the command and include the result in its output. If an AI agent passes untrusted user input directly to these scripts, it creates a direct path for arbitrary command execution within the agent's shell environment.
  • DATA_EXFILTRATION (MEDIUM): Potential for local file exposure via the command injection vulnerability.
      • Evidence: The injection vulnerability in the shell scripts can be exploited to execute commands that read sensitive local files.
      • Risk: An attacker could craft an input like $(cat ~/.env) or $(cat ~/.aws/credentials). The script would then output the contents of these files as part of the generated template, which the AI agent would then process and potentially expose to the user or an external endpoint.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 04:57 PM