
swain-search

Warn

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: MEDIUM
Findings: DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill mirrors local files and entire repository trees into a local documentation folder (docs/troves/) and then executes an automated git push origin trunk. This process creates a significant risk that sensitive local data, such as credentials, .env files, or private code, could be inadvertently committed and pushed to a remote repository if they are included in a research task scope.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from arbitrary URLs via curl and uses third-party paywall bypass proxies (e.g., freedium.cfd, freedium-mirror.cfd) defined in references/paywall-proxies.yaml. This involves sharing potentially sensitive research URLs with external entities.
  • [COMMAND_EXECUTION]: Multiple Bash scripts (export-snapshot.sh, migrate-to-troves.sh, trovewatch.sh) are used for core operations. These scripts perform complex file manipulations, Git commands, and use uv run to install and execute Python dependencies (ruamel.yaml, pyyaml) at runtime.
  • [PROMPT_INJECTION]: The skill processes untrusted content from web pages and transcripts to generate 'synthesis' documents. This creates an attack surface for indirect prompt injection, where malicious instructions hidden in external web content could influence the agent's behavior during the normalization or synthesis phases.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 7, 2026, 09:46 PM