skill-researcher

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill uses unsafe shell interpolation within jq command strings. In Stages 2, 7, and 8, the variable $task_number is interpolated directly into the jq filter: select(.project_number == '$task_number'). If task_number is manipulated to contain jq syntax (e.g., 1) | .secrets | (select(.id == 1), it could result in data leakage or unauthorized modification of the JSON state file.
  • [DATA_EXFILTRATION] (LOW): In Stage 9, the skill executes git add -A followed by a commit. This 'add all' approach is dangerous in an automated agent context, as it may inadvertently stage and commit sensitive files (like .env, SSH keys, or temporary credential files) to the repository history if they are not explicitly covered by .gitignore.
  • [SAFE] (INFO): The skill correctly uses jq --arg for most string variables (like path, type, and summary), which prevents those specific values from being interpreted as jq commands or breaking shell boundaries.
  • [SAFE] (INFO): No hardcoded credentials or unauthorized external network connections were detected in the shell scripts.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Feb 17, 2026, 06:48 PM