deepvista-recipe-import-files

Fail

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions to construct a shell command (deepvista card create) that interpolates the entire content of a file into a command-line argument (--content "<file content>"). This is a classic command injection vulnerability; if a file contains shell metacharacters (e.g., backticks, dollar signs, or semicolons) or unbalanced quotes, it could cause the agent to execute unauthorized commands on the host system.
  • [DATA_EXFILTRATION]: The skill's core functionality involves recursively reading all files in a directory and sending their contents to an external service. This creates a significant risk of data exfiltration for sensitive files like .env, .ssh/id_rsa, or credentials.json if they are present in the scanned path and not explicitly excluded by the user.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the local filesystem (the content of the files being imported). It lacks mandatory sanitization or boundary markers (e.g., XML tags or clear delimiter instructions) to prevent the agent from accidentally following instructions embedded within the files themselves (indirect prompt injection).
  • Ingestion points: Reads files from the current directory using a recursive find operation and a Read tool (SKILL.md).
  • Boundary markers: Absent. The file content is passed directly to the command-line tool as a string argument.
  • Capability inventory: Uses find for discovery and executes the deepvista CLI tool for card creation via subprocess/shell.
  • Sanitization: Absent. There is no logic to escape shell characters or filter out active content from the files before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 7, 2026, 05:25 AM