kunze-ad-setup
Warn
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run a shell command (awk) for CSV validation that includes the user-provided [keyword] variable in the file path. A malicious user can exploit this by providing a keyword that contains shell metacharacters (e.g., semicolons or pipes) to execute arbitrary commands on the host system.
- [PROMPT_INJECTION]: The skill ingests untrusted data from Amazon research tools (research_products, amazon_keyword_research) and interpolates it into sub-agent prompts and an HTML summary, creating an indirect prompt injection surface.
  1. Ingestion points: Data retrieved from amazon_keyword_research and research_products tools.
  2. Boundary markers: None provided to separate external data from instructions in the sub-agent prompt template.
  3. Capability inventory: Use of sub-agents (Agent tool), file system writes (CSV generation), and shell execution (awk validation).
  4. Sanitization: No evidence of validation or escaping for external data before use in prompts or HTML generation.
Audit Metadata