vhs-recording

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the vhs command-line tool, which interprets and runs terminal commands defined within .tape files. This tool simulates terminal input, allowing for the execution of any shell command. Evidence: SKILL.md Phase 3 and modules/execution.md both define the execution of vhs <tape-file.tape>.
  • [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to download and install several dependencies from GitHub and other package managers. Evidence: SKILL.md and modules/execution.md recommend go install github.com/charmbracelet/vhs@latest and go install github.com/aspect-build/aspect-cli/pkg/ttyd@latest.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it executes commands from input files that may come from untrusted sources.
      • Ingestion points: Tape files are read and executed as part of the primary workflow (SKILL.md, Phase 1 and 3).
      • Boundary markers: Absent. The skill does not use delimiters or provide warnings to the agent about ignoring instructions embedded in the data.
      • Capability inventory: The skill can execute any command available in the terminal environment through the simulated input feature of VHS.
      • Sanitization: Absent. No filtering or validation of the commands within the tape file is performed beyond syntax checking.
  • [DATA_EXFILTRATION]: The skill includes an optional feature to publish recordings to an external public service, which could lead to accidental data exposure if secrets are captured in the recording. Evidence: modules/execution.md documents the --publish flag, which uploads recordings to vhs.charm.sh.
  • [COMMAND_EXECUTION]: Setup instructions include commands requiring elevated privileges for environment configuration. Evidence: modules/execution.md mentions sudo apt install fonts-jetbrains-mono for font configuration in WSL2.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:27 PM