fal-generate

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Categories: DATA_EXFILTRATION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION] (HIGH): The upload.sh script enables the upload of arbitrary local files to the fal.ai CDN via the --file argument. Ingestion points: upload.sh (line 63) accepts a file path directly from user input. Boundary markers: None present. Capability inventory: The script utilizes stat for file metadata and curl --data-binary for network transmission of file content. Sanitization: No validation or path restriction is implemented for the file input. Risk: An attacker could exploit this via indirect prompt injection to exfiltrate sensitive files such as SSH keys or local environment configurations.
  • [CREDENTIALS_UNSAFE] (MEDIUM): The skill stores sensitive API secrets in plaintext local files. Finding: The --add-fal-key functionality writes the FAL_KEY directly to a .env file in the working directory. Risk: Storing credentials in plaintext on the filesystem is a significant security risk if the environment is accessed by unauthorized users or if the file is accidentally leaked.
  • [COMMAND_EXECUTION] (MEDIUM): Scripts execute shell commands and inline Python to handle data from external sources. Finding: get-schema.sh and search-models.sh fetch JSON from the fal.ai API and process it using a heredoc-based python3 script. Risk: This pattern increases the attack surface for malformed data from external APIs to exploit parsing logic or the shell environment.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill makes network requests to fal.ai domains which are not within the trusted external sources list.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 10:22 PM