The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute a local CLI tool using a bash command template that incorporates user-provided input.
Evidence: The command grepai search "<natural language query>" --toon --compact --limit=15 is used to trigger the search.
Risk: Direct interpolation of natural language into a shell command can lead to command injection if the agent does not properly escape shell metacharacters such as backticks or subshell markers.
[PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by directing the agent to process and act upon output from an external tool.
Ingestion points: The agent parses the ranked file list and relevance scores returned by the grepai command in SKILL.md.
Boundary markers: No explicit delimiters or instructions to ignore embedded instructions in the search results are provided.
Capability inventory: The agent is authorized to execute bash commands and read local project files.
Sanitization: The skill lacks specified sanitization or validation logic for the tool's output before it is used to determine subsequent file-reading actions.

grepai