Utilities

Fail

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation in Parser/README.md includes an example command referencing https://url3.com, which has been identified as a malicious domain by automated security scanners. Although used as a placeholder in the examples, its presence is a security risk.
  • [REMOTE_CODE_EXECUTION]: The Browser skill includes a playwright-cli eval command that allows for the execution of arbitrary JavaScript within a browser session. This is a high-risk capability that could lead to code execution if the input is derived from untrusted or malicious sources.
  • [COMMAND_EXECUTION]: The skill frequently executes powerful system commands for file manipulation (cp, mv, rm, unzip) and infrastructure management (wrangler deploy). These commands are necessary for the skill's utility functions but possess significant power over the host system.
  • [PROMPT_INJECTION]: The Parser and PAIUpgrade components process untrusted data from external sources, including URLs, PDFs, and YouTube transcripts. This content is used by AI agents to populate structured data schemas and suggest modifications to core system instructions through the AlgorithmUpgrade workflow, creating a significant surface for indirect prompt injection attacks where an attacker could influence system behavior.
  • [DATA_EXFILTRATION]: The skill's ability to fetch and extract content from arbitrary URLs via the Parser and Browser components could be exploited to access and retrieve sensitive information from internal or local network resources if the agent is manipulated into doing so.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 20, 2026, 07:49 PM