The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The polyglot-test-researcher agent analyzes the user's codebase to discover build and test commands, which are then executed by the builder and tester agents using the runCommands tool. This creates a vulnerability where a malicious project could embed harmful commands in configuration files (e.g., package.json or Makefile) that the agent would execute without sanitization. (1) Ingestion points: Project configuration files and source code analyzed during the Research Phase. (2) Boundary markers: None. (3) Capability inventory: runCommands, editFiles, fetch, search, codebase. (4) Sanitization: None.
[Command Execution] (LOW): The skill relies heavily on the runCommands tool to perform builds, tests, and linting. While this is the intended purpose of the skill, the lack of human-in-the-loop verification before executing commands discovered from the codebase poses a risk if the project being tested is untrusted.
[External Downloads] (LOW): The polyglot-test-researcher agent has access to the fetch tool. While no malicious URLs are hardcoded in the prompt, this capability allows the agent to retrieve external data which could potentially be used to exfiltrate information or download malicious configurations if the agent is compromised via indirect prompt injection.

polyglot-test-agent