The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The README.md and install.sh files provide a one-line installation command that downloads a script from the author's GitHub repository and executes it directly via bash process substitution. While this is a common distribution method for developer tools, it constitutes a remote code execution pattern.\n- [COMMAND_EXECUTION]: The skill's instructions (SKILL.md) and supporting documentation (references/verification-checklist.md) direct the agent to execute shell commands on the host system. Specifically, it uses npx serve to launch a local web server for page verification and npx vercel to deploy the final assets to a cloud hosting environment.\n- [EXTERNAL_DOWNLOADS]: During the research and verification phases (SKILL.md Phase 1 and Phase 3), the agent is instructed to perform network operations to fetch assets, branding data, and HTTP status codes from arbitrary external URLs provided by the user.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it is designed to ingest and process data from potentially untrusted external sources (client websites and documents) and has the capability to perform network and deployment actions based on that data.\n
Ingestion points: Website scraping (SKILL.md, Phase 1) and document content extraction from PDFs/Word docs (SKILL.md, Phase 2).\n
Boundary markers: Absent; there are no instructions provided to the agent to treat external content as untrusted or to use delimiters to separate source content from system instructions.\n
Capability inventory: Outbound network requests via fetch/curl (SKILL.md Phase 1, 3), local server execution via npx serve (SKILL.md Phase 5 and references/verification-checklist.md), and production deployment via npx vercel (SKILL.md Phase 6).\n
Sanitization: Absent; the skill lacks logic to validate or sanitize the text and images extracted from external sources before they are integrated into the final code build.

landing-page