content-semantics

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes curl to fetch the raw HTML source of websites for structural analysis. These operations are limited to data retrieval for inspection purposes and do not involve downloading or executing remote scripts.
  • [COMMAND_EXECUTION]: Several workflows include shell commands such as grep, sed, tr, and sort to parse HTML tags and content hierarchy. While an automated scanner flagged a pipeline as potentially leading to a shell, manual inspection confirms these commands are used exclusively for string processing and data extraction.
  • [INDIRECT_PROMPT_INJECTION]: The skill demonstrates an attack surface for indirect prompt injection as it ingests content from external URLs provided by the user.
      • Ingestion points: External web content fetched via curl as described in SKILL.md and references/ssr-strategies.md.
      • Boundary markers: Absent; the agent is instructed to process the raw output of structural analysis commands.
      • Capability inventory: Includes filesystem read access and network retrieval via curl, along with standard text-processing utilities.
      • Sanitization: None; the skill evaluates the structural integrity of the raw HTML tags extracted from the source.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 6, 2026, 06:36 AM