directory-submissions

Fail

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill contains a reference list of over 50 external directory URLs. Automated security scanning identified one of these entries (https://aiagentsverse.com/submit) as a malicious phishing URL. This presents a high risk of credential harvesting or information theft if a user or agent follows the instructions to submit product details to that site.
  • [COMMAND_EXECUTION]: The instructions in SKILL.md guide the agent or user to execute shell commands to verify the status of submitted listings.
      • Evidence: curl -sIL https://directory.com/your-listing | grep -i rel=
  • [DATA_EXFILTRATION]: The core workflow involves the agent sending sensitive product information (descriptions, tags, URLs) to a vast list of third-party directories. The inclusion of a flagged malicious URL increases the risk of unintended data exfiltration to a hostile actor.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8).
      • Ingestion points: SKILL.md instructs the agent to read local context files (e.g., .agents/product-marketing-context.md) and interact with numerous external directory websites.
      • Capability inventory: The agent is tasked with reading files, executing shell commands (curl), and potentially using browser tools to fill forms on third-party sites.
      • Boundary markers: No boundary markers or instructions to ignore embedded instructions are provided for the ingested context or external data.
      • Sanitization: No input validation or content sanitization is mentioned before processing the marketing context or external site data.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 21, 2026, 10:03 PM