taiwan-md-knowledge-base

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Clones a third-party repository from github.com/frank890417/taiwan-md.git which is not a verified or trusted source.
  • [REMOTE_CODE_EXECUTION]: Instructs the execution of a shell script (scripts/sync.sh) and npm install from the unverified repository, which allows for the execution of arbitrary code provided by the repository maintainer.
  • [COMMAND_EXECUTION]: Uses commands such as npm install, chmod +x, and bash scripts/sync.sh to manage and synchronize the environment, involving the execution of external scripts.
  • [EXTERNAL_DOWNLOADS]: Fetches images from Wikimedia Commons via curl. This is documented as a well-known service and the action is considered safe in this context.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted Markdown content in the knowledge/ directory.
      • Ingestion points: Markdown files within the knowledge/ directory that can be modified via community contributions.
      • Boundary markers: Absent. No explicit delimiters or instructions are provided to the agent to disregard instructions within the data.
      • Capability inventory: Shell execution (bash), file system modification, and network operations (curl, npm).
      • Sanitization: Absent. There is no evidence of sanitization or validation of the ingested Markdown content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 19, 2026, 12:41 AM