The Agent Skills Directory

External Downloads (HIGH): The README instructions to clone a repository from an untrusted GitHub account (Frankieli123) or download a ZIP file to install the skill represent a high risk of executing unverified code.
Remote Code Execution (HIGH): The installer scripts (install.sh and install.ps1) perform file system modifications based on an untrusted source. The main functional script (scripts/grok_search.py) is missing from the provided package, meaning the core logic that interacts with the network and processes external data cannot be verified for malicious behavior.
Prompt Injection (MEDIUM): The skill is highly susceptible to indirect prompt injection (Category 8). Evidence: 1. Ingestion points: Real-time web data fetched via a Grok-compatible API. 2. Boundary markers: No delimiters or ignore-instructions warnings are present in the skill metadata or instructions. 3. Capability inventory: The agent is instructed to use this tool for sensitive tasks like retrieving package installation commands and API documentation. 4. Sanitization: Not verifiable due to the absence of the primary search script.
Credentials Unsafe (MEDIUM): The file config.example.json contains a hardcoded API key string (asd3865373). While likely intended as a dummy value, the use of non-standard placeholders is a security risk.
Command Execution (MEDIUM): The installation and configuration documentation recommends using -ExecutionPolicy Bypass for PowerShell scripts, which bypasses local security policies and allows the execution of unsigned code.

grok-search