privacy-parser-pii-extraction

Fail

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to clone a repository from an unverified GitHub user ('chiefautism') at github.com/chiefautism/privacy-parser. This does not match the expected naming patterns for the stated author ('Aradotso').
  • [EXTERNAL_DOWNLOADS]: Automatically downloads approximately 3GB of model weights to the user's home directory (~/.opf/privacy_filter/) during the first run from an unspecified external source defined within the downloaded code.
  • [REMOTE_CODE_EXECUTION]: Instructs the user to perform an editable installation (pip install -e) of the cloned code. This executes the setup.py or equivalent installation logic from the unverified remote repository at install time, allowing arbitrary code execution on the host system.
  • [DATA_EXFILTRATION]: The primary purpose of the skill is to identify and extract structured PII, including 'secrets' (API keys, passwords, tokens) and 'account_number' (bank/card identifiers). While this is the advertised feature, it creates a high-risk capability for automated data harvesting and credential theft if used by a malicious agent.
  • [COMMAND_EXECUTION]: Provides instructions for piping file contents directly into the model's CLI (cat dump.txt | python -m pii_parser.cli_model -), which bypasses common safety checks and could lead to unintended processing of malicious input strings.
  • [PROMPT_INJECTION]: The skill lacks boundary markers or sanitization logic when processing text via parser.parse(), making it vulnerable to indirect prompt injection where instructions hidden in the input text could attempt to influence the agent's behavior during the extraction process.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 27, 2026, 01:42 AM