temporal-cortex
Fail
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The npm package installation for @temporal-cortex/cortex-mcp includes a post-install script that downloads a pre-compiled executable binary from an external GitHub repository (https://github.com/temporal-cortex/mcp/releases/tag/mcp-v0.9.1) and executes it on the local system.
- [CREDENTIALS_UNSAFE]: The skill accesses and manages sensitive OAuth credentials and configuration files located at ~/.config/temporal-cortex/credentials.json. Additionally, the metadata author 'temporal-cortex' does not match the provided author context 'billylui', which may indicate a source discrepancy.
- [EXTERNAL_DOWNLOADS]: The skill fetches binary updates and checksums from GitHub and communicates with external APIs at api.temporal-cortex.com and various third-party calendar providers (Google, Microsoft, CalDAV).
- [COMMAND_EXECUTION]: The skill uses npx to execute third-party code and provides instructions for running the service within Docker containers with host filesystem volume mounts.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from external data.
  1. Ingestion points: The list_events tool reads event summaries and descriptions from external calendars.
  2. Boundary markers: None identified in the provided skill logic.
  3. Capability inventory: Includes the book_slot and request_booking tools, which have network and write permissions.
  4. Sanitization: The documentation claims an internal firewall exists within the binary to sanitize content, but this claim cannot be independently verified from the skill source.
Recommendations
- AI detected serious security threats
Audit Metadata