skill-with-scripts
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructions (SKILL.md) direct the agent to execute shell commands like `python scripts/process_data.py --input <file>` and `python scripts/validate.py --data <input>`. Direct interpolation of user-controlled variables into these command strings poses a severe risk of command injection if the underlying agent implementation does not perform rigorous shell escaping.
- [PROMPT_INJECTION] (HIGH): (Category 8: Indirect Prompt Injection) The skill is designed to ingest and process untrusted external data with high-privilege execution capabilities.
- Ingestion points: Untrusted data is ingested via the `--input` (line 35) and `--data` (line 41) parameters.
- Boundary markers: Absent. The instructions do not define delimiters or provide 'ignore instructions' warnings for the content being processed.
- Capability inventory: The skill possesses the capability to execute local Python scripts, which can perform arbitrary file system or system operations depending on the script logic.
- Sanitization: While a `validate.py` script is mentioned, there is no evidence of strict schema validation or sanitization of input before it is used to construct the execution command.
Recommendations
- AI detected serious security threats
Audit Metadata