agentpulse-setup

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of the agentpulse package from the npm registry. This package is not from a trusted organization (e.g., Anthropic, OpenAI) and its security cannot be verified during static analysis.
  • COMMAND_EXECUTION (MEDIUM): The skill uses npx agentpulse to execute a local server and npm install for dependency management. Running unverified packages can lead to arbitrary code execution on the local machine.
  • DATA_EXPOSURE (MEDIUM): The instructions require editing the claude_desktop_config.json file. This is a sensitive configuration file that manages agent capabilities and server registrations.
  • PROMPT_INJECTION (LOW): This skill sets up an indirect prompt injection surface by bridging application state directly to an AI agent via the Model Context Protocol (MCP).
    Ingestion points: Application state and interactive component data are exposed via the useExpose hook (e.g., in App.tsx and interactive components).
    Boundary markers: No delimiters or "ignore embedded instructions" warnings are implemented in the setup pattern.
    Capability inventory: The bridge allows the agent to read state and potentially modify it via setValue bindings, which could be exploited if the app state contains malicious instructions from an untrusted user.
    Sanitization: There is no evidence of sanitization or validation of the data being passed through the bridge.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:49 PM