agent-discovery

Fail

Audited by Socket on Mar 3, 2026

1 alert found:

Obfuscated File: HIGH
SKILL.md

The agent-discovery skill correctly defines discovery locations and a file format for Claude Code agents. Primary security concerns are: (1) Bash capability enabling arbitrary shell execution if not tightly sandboxed or if user-supplied inputs are used in commands; (2) Underspecified Actoris MCP integration that could leak agent metadata or prompt contents to external services without clear authentication or retention policies; (3) Unconstrained plugin-root and globbing behavior that can access unexpected files. Mitigations: restrict to read-only filesystem APIs where possible, remove or tightly sandbox Bash execution, validate and sanitize file paths, require explicit authenticated Actoris endpoints with encryption and auditable consent, and filter or redact sensitive contents before external transmission. With these mitigations the tool is suitable for discovery; without them it presents a moderate supply-chain/data-exfiltration risk.

Confidence: 98%
Audit Metadata

Analyzed At: Mar 3, 2026, 10:12 AM
Package URL: pkg:socket/skills-sh/diegosouzapw%2Fawesome-omni-skill%2Fagent-discovery%2F@05a7a27a489b650a58ce2c8ea7ab56ea772e2933