byted-airesearch-survey

Warn

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill assembles the sensitive string literals 'api_key' and 'Authorization' from fragments, using a _join_name helper and manual string splitting (e.g., _join_name("ap", "i", "_", "ke", "y")). The effect, and the apparent purpose, is to keep those literals out of plain string searches by static analysis tools. In addition, it extracts API keys directly from user messages with regular expressions and persists them in a local session-state file.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Evidence: (1) Ingestion point: the message parameter in scripts/send_survey_message.py; (2) Boundary markers: absent, so untrusted message content is not delimited from the skill's own instructions; (3) Capability inventory: network operations via urllib in scripts/ai_research_common.py; (4) Sanitization: limited to redaction of credentials in debug logs. Furthermore, SKILL.md contains numerous instructions that suppress agent autonomy and prohibit disclosure of internal environment details.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations against console.volcengine.com for survey execution and status monitoring. These are official endpoints of Volcengine, a well-known service operated by ByteDance.
  • [COMMAND_EXECUTION]: The skill executes local Python scripts to process user requests and communicates with remote APIs. It also includes a debugging feature that generates and displays redacted curl command strings; credentials are redacted, but the structure of internal requests (endpoints, headers, body shape) is exposed.
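The split-literal pattern flagged under CREDENTIALS_UNSAFE is exactly what a grep for "api_key" misses. The scanner below is an added example, not part of this audit or of the audited skill's code: it parses Python source with the ast module, constant-folds string concatenations, f-strings with only literal parts, and join-style calls over constant strings, and reports any folded value that spells a credential-bearing name. The embedded sample source is constructed to mirror the pattern quoted in the finding; only the helper name _join_name comes from the audit text, and the sensitive-name list and the "fold any call whose name contains join" heuristic are assumptions of this example.

```python
"""Detect sensitive string literals that were split into fragments.

Added example; not code from the audited skill or from the audit itself.
Constant-folds `"a" + "b"`, `"".join([...])`, literal-only f-strings and
helper calls such as `_join_name("ap", "i", "_", "ke", "y")`, then flags
folded values that match a list of credential-bearing names.
"""
import ast

# Assumed list of names worth flagging; extend for the code base under review.
SENSITIVE = {"api_key", "apikey", "authorization", "x-api-key",
             "secret", "token", "password"}

# Constructed sample mirroring the audit's description; not the skill's real code.
SAMPLE_SOURCE = '''
def _join_name(*parts):
    return "".join(parts)

API_KEY_FIELD = _join_name("ap", "i", "_", "ke", "y")
HEADER = "Auth" + "oriz" + "ation"
SAFE = "user" + "_name"
KEY_RE = re.compile(r"sk-[A-Za-z0-9]{20,}")
'''


def _fold(node):
    """Return the constant string `node` evaluates to, or None if not foldable."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        left, right = _fold(node.left), _fold(node.right)
        return left + right if left is not None and right is not None else None
    if isinstance(node, ast.JoinedStr):  # f-string; only literal parts fold
        parts = [_fold(v) for v in node.values]
        return "".join(parts) if all(p is not None for p in parts) else None
    if isinstance(node, ast.Call):
        func = node.func
        name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", "")
        # sep.join([...]) / sep.join((...)) with a constant separator and constant elements
        if name == "join" and isinstance(func, ast.Attribute) and len(node.args) == 1:
            sep, seq = _fold(func.value), node.args[0]
            if sep is not None and isinstance(seq, (ast.List, ast.Tuple)):
                parts = [_fold(e) for e in seq.elts]
                if all(p is not None for p in parts):
                    return sep.join(parts)
            return None
        # Heuristic (assumption): a helper whose name contains "join", called with
        # nothing but constant strings, is treated as plain concatenation.
        if "join" in name.lower() and node.args and not node.keywords:
            parts = [_fold(a) for a in node.args]
            if all(p is not None for p in parts):
                return "".join(parts)
    return None


def find_split_literals(source, sensitive=SENSITIVE):
    """Return sorted (lineno, folded_value) pairs for split literals spelling a sensitive name."""
    hits = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.BinOp, ast.Call, ast.JoinedStr)):
            value = _fold(node)
            if value is not None and value.lower() in sensitive:
                hits.add((node.lineno, value))
    return sorted(hits)


if __name__ == "__main__":
    for lineno, value in find_split_literals(SAMPLE_SOURCE):
        print(f"line {lineno}: split literal spells {value!r}")
```

Run against the constructed sample, the scanner reports the `_join_name(...)` call on line 5 as spelling 'api_key' and the concatenation on line 6 as spelling 'Authorization', while leaving the harmless "user" + "_name" and the regex literal alone. A plain `grep -i api_key` over the same source finds only the variable name, which is the gap the finding describes.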
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 13, 2026, 10:46 AM