fundfarm
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install a CLI tool and plugins directly from the vendor's website (app.myfundfarm.com and www.myfundfarm.com) rather than a standard package registry like npmjs.com. This bypasses centralized security auditing and integrity checks.
- [REMOTE_CODE_EXECUTION]: By downloading and installing a .tgz package globally via npm and installing plugins from remote URLs, the skill executes code sourced from the vendor's servers on the local machine.
- [COMMAND_EXECUTION]: The skill relies on the 'fundfarm' CLI tool to perform various operations, including financial transactions (buy/sell), portfolio imports, and knowledge base management.
- [DATA_EXFILTRATION]: User portfolio data, transaction histories, and personal investment strategy notes are transmitted to the vendor's API (api.myfundfarm.com). While this is essential for the service's functionality, it involves exposing financial data to a third-party platform.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. It processes external data such as fund details, strategy notes, and imported holding files. Maliciously crafted data in these sources could influence the AI agent's logic to perform unauthorized or harmful financial transactions.
  - Ingestion points: Fund metadata, user-provided strategy notes, and batch-import holding files.
  - Boundary markers: None explicitly defined in the instructions to prevent the agent from obeying instructions embedded in fund data.
  - Capability inventory: High-impact capabilities including buy/sell operations, transaction cancellation, and knowledge base modification.
  - Sanitization: The skill mentions server-side validation for formats but lacks explicit prompt-level sanitization for data ingested into the LLM context.
Audit Metadata