find-skills

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the npx utility to execute the skills CLI tool for searching and installing packages. Evidence includes the use of npx skills find [query] and npx skills add <package> -g -y.
  • [EXTERNAL_DOWNLOADS]: It downloads external skills from the npm registry and GitHub repositories based on user queries or recommendations. It specifically mentions fetching guidelines from vercel-labs/agent-skills, which is a trusted organization.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the installation and execution of remote code. The use of the -y flag in the installation command (npx skills add <owner/repo@skill> -g -y) automates the process and bypasses manual confirmation prompts, which could be exploited if a malicious package name is provided.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of untrusted search results.
      * Ingestion points: Search results from the skills registry provided by npx skills find.
      * Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the search result processing logic.
      * Capability inventory: The skill can execute shell commands via npx to install software globally on the system.
      * Sanitization: No sanitization or validation of search results is performed before presenting options to the user or executing installation commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 03:39 PM