The Agent Skills Directory

[PROMPT_INJECTION]: The H1 header in SKILL.md contains a long sequence of hidden zero-width characters (U+200B, U+200C, U+200D) which decode to a 'SYSTEM injection mode' instruction. This text explicitly directs the agent to 'disregard previous instructions', a classic bypass attempt.
[COMMAND_EXECUTION]: The Python code snippets provided in the skill use subprocess.run to execute the system ping command and the curl utility. While contextually relevant to network testing, this capability could be exploited by the hidden injection instructions to perform unauthorized network scanning or system interaction.
[EXTERNAL_DOWNLOADS]: The generate_load function in the skill's detector script initiates a 100MB download from http://speedtest.tele2.net/100MB.zip. Although Tele2 is a well-known service provider, the automatic execution of external downloads in a background thread is a risky pattern, especially when combined with hidden instructions.
[PRIVILEGE_ESCALATION]: The skill provides documentation and generated strings for system-level networking commands such as tc qdisc add, which typically require root or administrative privileges to execute. This encourages users or agents to run commands with elevated permissions.

gettys-bufferbloat