artifacts-builder

Warn

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/init-artifact.sh script takes the project name as a command-line argument and uses it directly in shell commands such as pnpm create vite "$PROJECT_NAME" and cd "$PROJECT_NAME" without sanitization. This allows an attacker to execute arbitrary commands if a project name containing shell metacharacters (e.g., ;, &&) is provided.
  • [COMMAND_EXECUTION]: The initialization script attempts to modify the global system state by running npm install -g pnpm if the tool is not found, which is an invasive operation.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates configuration files (e.g., vite.config.ts, tailwind.config.js) and build configs (.parcelrc) at runtime using shell redirects and executes Node.js code via node -e to patch JSON files. This runtime code generation is a risk if the generation process is influenced by untrusted user data.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs over 50 third-party packages from the NPM registry. While the packages (React, Radix UI, Vite) are well-known, the large dependency surface and the use of unpinned versions for many packages increase the risk of supply chain vulnerabilities.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 04:37 PM