skills/b-open-io/gemskills/ask-gemini/Gen Agent Trust Hub

ask-gemini

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation and model information from Google's official Gemini API domains (e.g., ai.google.dev, google.com). These references are used to provide the agent with up-to-date technical context and are considered trusted sources.
  • [COMMAND_EXECUTION]: The script scripts/ask_gemini.ts dynamically imports utility modules (resolve-root.ts, utils.ts, shared.ts) from file system paths calculated at runtime. The pattern is intended to facilitate local code organization, but the modules that get loaded depend on those computed paths. The skill also requires the Bash tool to run the bun runtime for its logic.
  • [DATA_EXFILTRATION]: The script reads local files (primarily images) specified via command-line arguments and transmits their Base64-encoded content to Google's Gemini API endpoints. This involves reading local user data and sending it to an external service for processing.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests untrusted data from images and user-provided prompts and interpolates them into a request for a large language model.
    • Ingestion points: Positional arguments for text prompts and file paths for images in scripts/ask_gemini.ts.
    • Boundary markers: None identified; the text and image parts are passed directly to the generateContent API method without delimiters or instructions to ignore embedded content.
    • Capability inventory: The skill can read local files via the script and execute shell commands through the Bash tool configuration in SKILL.md.
    • Sanitization: No evidence of input validation, escaping, or filtering of user-supplied content before it reaches the API.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 25, 2026, 08:09 PM