trend-to-content

Fail

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill contains logic to read the user's ~/.zshrc file using grep to extract API keys (VIRLO_API_KEY, ELEVENLABS_API_KEY). Accessing shell configuration files is a high-risk pattern as these files often contain a wide range of sensitive credentials and system logic beyond what the skill specifically requires.
  • [COMMAND_EXECUTION]: The skill implements a 'Modes' system that parses markdown files to extract and execute a deploy command. This enables arbitrary shell command execution based on the contents of local configuration files. The logic includes an automatic matching feature that triggers a mode based on the current working directory, which could lead to accidental or malicious command execution in specific project environments.
  • [EXTERNAL_DOWNLOADS]: The skill performs external API calls to api.virlo.ai and api.elevenlabs.io using curl. While these services support the skill's primary functions (trend research and voiceover generation), interacting with external APIs involves sending data and authentication tokens to third-party infrastructure.
  • [PROMPT_INJECTION]: The skill demonstrates a vulnerability to indirect prompt injection by ingesting untrusted data from trend APIs and WebSearch results which are then used to generate content and influence agent behavior. There are no defined boundary markers or sanitization steps to prevent malicious instructions embedded in the external trend data from being processed by the agent.
    • Ingestion points: references/trend-research.md (Virlo API results, WebSearch queries for social trends).
    • Boundary markers: Absent.
    • Capability inventory: SKILL.md (arbitrary command execution via deploy_command), references/video-patterns.md (ElevenLabs API interaction).
    • Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 10, 2026, 02:39 PM