The Agent Skills Directory

[COMMAND_EXECUTION] (LOW): The skill utilizes the Bash tool to perform file system operations like creating directories and moving files. While it uses double quotes in shell templates, it does not provide instructions to sanitize or validate the filenames, which could be exploited if an attacker provides a filename containing shell metacharacters.
[PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability (Category 8). • Ingestion points: User-provided arguments ($ARGUMENTS) including file paths and track slugs, as well as metadata (filenames) within ZIP archives. • Boundary markers: None are defined to separate untrusted user data from the agent's logic. • Capability inventory: Bash tool for file system modification (mkdir, mv, unzip). • Sanitization: Absent; the skill suggests wrapping variables in double quotes in bash templates but does not explicitly instruct the model to escape or sanitize inputs.

import-audio