explain-code
Warn
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: MEDIUM
Categories: REMOTE_CODE_EXECUTION, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes a `$ARGUMENTS` placeholder directly within its primary instruction set. This structure allows user-supplied input to potentially override the agent's logic or inject instructions that bypass the intended code analysis framework.
- [REMOTE_CODE_EXECUTION]: The instructions direct the agent to execute `npx playwright-cli` as a fallback. This pattern involves the dynamic download and execution of code from the public npm registry at runtime. The lack of version pinning or integrity checks for this remote package introduces a supply chain risk.
- [COMMAND_EXECUTION]: The skill relies on shell-based tools including `curl` and `playwright-cli` to perform its tasks. These tools provide the agent with the ability to execute arbitrary network requests and interact with the filesystem based on instructions that could be influenced by external data.
- [EXTERNAL_DOWNLOADS]: The 'Web Fetch Strategy' involves downloading data from arbitrary external URLs to retrieve documentation. Processing unvalidated content from the web, especially when combined with the agent's ability to persist data to the `research/web/` directory, presents a risk of processing malicious payloads.
- [DATA_EXFILTRATION]: While intended for documentation, the skill's combined capability to read from the local filesystem (specifically the `research/web/` path) and make outbound network requests via `curl` creates a potential surface for data exfiltration if the agent is misled by malicious instructions.
Audit Metadata