The Agent Skills Directory

EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of the 'mole' utility via a third-party Homebrew tap ('tw93/tap/mole'). This source is not part of the pre-approved trusted organizations, and its binary cannot be automatically verified for security.
COMMAND_EXECUTION (MEDIUM): The Phase 3 workflow interpolates user-controlled target paths directly into Python shell commands (e.g., 'python doc-mindmap/scripts/doc_converter.py <target_path> --convert'). This pattern is susceptible to shell injection if the underlying scripts do not properly sanitize input or if the agent does not escape shell metacharacters.
INDIRECT_PROMPT_INJECTION (LOW): The skill processes external documents for summarization and classification. Evidence Chain: (1) Ingestion: Documents located in user-specified directories. (2) Boundaries: No explicit boundary markers or 'ignore' instructions are used in the provided command templates. (3) Capability: The skill can execute Python scripts, perform file system operations (cp, open), and make network requests via the 'requests' library. (4) Sanitization: The instruction file does not describe any sanitization or validation of the content being processed by the 'markitdown' or AI summarization steps.

file-master