github-hunter

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill automatically fetches and processes external repository data (READMEs, descriptions, and metadata) to generate 'Integration Recommendations'.
    • Ingestion points: SKILL.md (Workflow Step 1), references/github_api.md (Get README endpoint).
    • Boundary markers: None specified. External content is directly interpolated into the scoring and recommendation prompts.
    • Capability inventory: Writing to Supabase (insights table), suggesting changes to requirements.txt, and generating GitHub Action workflows.
    • Sanitization: No sanitization of README content is mentioned before it is processed by the AI.
  • [Data Exposure] (MEDIUM): The skill hardcodes a specific Supabase instance URL (mocerqjnksmhcjzxrewo.supabase.co) and references internal GitHub repository paths (breverdbidder/life-os), exposing the user's infrastructure structure.
  • [Command Execution] (LOW): The skill describes modifying requirements.txt or creating .github/workflows/, but presents these as recommendations for the user to approve rather than as autonomous executions. The automation of these suggestions from untrusted data remains a concern.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 12:35 PM