The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses execSync to execute a shell command that interpolates the DEPTH environment variable without sanitization or validation. If an attacker can control environment variables in the agent's runtime, they could execute arbitrary shell commands. Evidence found in cli.ts: const depth = process.env.DEPTH || "2"; followed by execSync(DEPTH=${depth} python3 "${tempFile}", ...).- [COMMAND_EXECUTION]: The skill dynamically generates a Python script from a hardcoded string, writes it to the local file system in a temporary directory, and then executes it. This dynamic code generation and execution pattern increases the attack surface and complicates static security auditing. Evidence found in cli.ts where pythonScript is written to tempFile and subsequently executed.

tree-view