NYC

docs-seeker

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The repo-analysis.md workflow instructs the agent to execute git clone on URLs discovered via web searches and to run npm install -g repomix. Running arbitrary commands and installing software globally based on untrusted external data poses a significant security risk.
  • CREDENTIALS_UNSAFE (LOW): The scripts/utils/env-loader.js script traverses parent directories to locate and load .env files (e.g., .claude/.env). This behavior may inadvertently expose shared API keys or other sensitive environment variables to the skill.
  • EXTERNAL_DOWNLOADS (LOW): The fetch-docs.js script makes network requests to context7.com to retrieve documentation. This involves transmitting user queries and potentially an API key to an external third-party service.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to ingest documentation from external sources (llms.txt). Every ingestion point (e.g., fetch-docs.js) lacks explicit boundary markers or sanitization of the documentation content, creating a surface for indirect prompt injection if the agent processes the retrieved text.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:19 PM