llm-wiki-skill

Fail

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Instructs the agent or user to download and run an installation script (install.sh) from an unverified GitHub repository (sdyckjq-lab/llm-wiki-skill). This allows arbitrary code execution from a source that does not match the claimed author's infrastructure.
  • [REMOTE_CODE_EXECUTION]: Fetches and executes installation scripts for the well-known tools Bun and uv using the curl | bash pattern. These downloads originate from well-known services.
  • [COMMAND_EXECUTION]: Recommends starting Google Chrome with the --remote-debugging-port=9222 flag. This configuration opens an unauthenticated debugging interface that allows remote control of the browser session and could be exploited to steal sensitive information such as cookies, history, and active sessions if the port is reachable by other processes or on the network.
  • [EXTERNAL_DOWNLOADS]: Dynamically downloads and executes third-party tools from NPM (baoyu-url-to-markdown) and PyPI via uvx (youtube-transcript, wechat-article-to-markdown) to extract content from various web sources.
  • [PROMPT_INJECTION]: The skill possesses a significant surface for indirect prompt injection.
      ◦ Ingestion points: Untrusted data enters the context through URLs, YouTube transcripts, and WeChat articles stored in the raw/ directory.
      ◦ Boundary markers: No delimiters or instructions to ignore embedded commands are specified in the prompt templates.
      ◦ Capability inventory: The skill uses npx, uvx, and file system write operations.
      ◦ Sanitization: No validation or sanitization of external content is mentioned before it is processed by the agent to generate wiki pages.
Recommendations
  • HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh, https://bun.sh/install - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 10, 2026, 01:42 AM