cyber-security-consultant
Warn
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install the ACP CLI from a third-party GitHub repository (https://github.com/Virtual-Protocol/openclaw-acp) as part of its setup process.
- [COMMAND_EXECUTION]: The workflow relies on executing shell commands using the acp CLI tool (acp setup, acp browse, acp job create, and acp job status) to interact with the Cybercentry service.
- [COMMAND_EXECUTION]: User-supplied data from the query field is interpolated into a shell command string (acp job create ... --requirements '{"query": "..."}'). This pattern is susceptible to command injection or JSON parsing errors if malicious input is provided by an attacker.
- [COMMAND_EXECUTION]: (Indirect Prompt Injection Surface Analysis)
  1. Ingestion points: User-provided query string entered into the job requirements.
  2. Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the command template.
  3. Capability inventory: Execution of system commands via the external acp CLI tool.
  4. Sanitization: The documentation advises users to sanitize and escape special characters, but the skill itself lacks any programmatic validation or escaping mechanism.
Audit Metadata