github-repo-hunter
Fail
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is designed to automatically integrate external GitHub repositories into the integrations/ folder as submodules if they meet a specific score threshold (>=70). This introduces a risk where unvetted code from arbitrary third-party sources is brought into the developer's environment without manual oversight.
- [COMMAND_EXECUTION]: The integration workflow involves executing system commands (specifically git submodule add) to modify the local repository structure and pull external content.
- [DATA_EXFILTRATION]: Discovered repository metadata, including names, URLs, and summaries, is transmitted to an external Supabase instance (mocerqjnksmhcjzxrewo.supabase.co) via GitHub Actions or direct REST API calls. This aligns with the vendor's stated purpose for archiving insights.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because the evaluation script (scripts/evaluate_repo.py) parses repository README files to calculate relevance scores. An attacker can deliberately populate a README with target keywords (e.g., 'foreclosure', 'adhd', 'langgraph') to artificially inflate the score and trigger an 'AUTO_ADD' action.
- Ingestion points: scripts/evaluate_repo.py ingests the 'readme' and 'description' fields from discovered repositories.
- Boundary markers: No delimiters or safety instructions are used to prevent the evaluation logic from being influenced by adversarial content within the README.
- Capability inventory: The skill possesses the capability to modify the local file system and repository configuration by adding submodules.
- Sanitization: No sanitization or validation of the README content is performed; the scoring is based on simple keyword presence.
Recommendations
- AI detected serious security threats