skills/avivsinai/telclaude/gifgrep/Gen Agent Trust Hub

gifgrep

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/download-gif.sh uses curl to fetch content from a URL retrieved at runtime via the gifgrep utility. This allows the download of arbitrary files based on external search results.
  • [COMMAND_EXECUTION]: The skill executes shell commands using bash to run its internal scripts and standard system utilities including curl, mkdir, and head.
  • [DATA_EXFILTRATION]: The skill downloads content into a specific directory (/media/outbox/) intended for relaying files to an external Telegram chat. There is a potential risk that sensitive data could be fetched via SSRF if the search utility returns an internal or malicious URL, leading to that data being sent to the chat.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from an external search tool (gifgrep) and uses it to construct a network request (curl) without sanitization.
      ◦ Ingestion points: The output of gifgrep in scripts/download-gif.sh is used as a URL.
      ◦ Boundary markers: None identified in the script logic.
      ◦ Capability inventory: Uses curl for network requests and mkdir for file system writes.
      ◦ Sanitization: The $URL variable is not validated or sanitized before being passed to curl.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 12:02 PM