tavily-web
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [Unverifiable Dependencies] (MEDIUM): The installation instructions require executing 'npx skills add -g BenedictKing/tavily-web'. The source repository is not part of a trusted organization or repository list, classifying it as an unverifiable external dependency.
- [Indirect Prompt Injection] (MEDIUM): This skill performs web crawling and content extraction.
  1. Ingestion points: External URLs and web content (SKILL.md).
  2. Boundary markers: None documented.
  3. Capability inventory: Web search and crawling via Tavily API.
  4. Sanitization: None documented.

  This creates a surface where malicious instructions embedded in web pages could hijack the agent's behavior.
Audit Metadata