find-skills
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Facilitates downloading and installing external packages from repositories like GitHub and the NPM registry. While the documentation highlights trusted sources such as Vercel Labs, the functionality allows for the installation of arbitrary, unverified code.
- [COMMAND_EXECUTION]: Utilizes the npx command-line tool to interact with the local shell. Specifically, it employs the -y flag to skip installation confirmations and the -g flag for global installation, which reduces user oversight during the execution of remote code.
- [REMOTE_CODE_EXECUTION]: The primary function of the skill is to extend the agent's capabilities by downloading and executing third-party scripts and tools. This creates a path for remote code to be introduced and executed within the agent's environment.
- [PROMPT_INJECTION]: The skill interpolates user-provided search queries directly into shell commands (e.g., npx skills find [query]). This lacks sanitization or boundary markers, creating a surface for indirect prompt injection or command injection if a user provides specially crafted input.
  - Ingestion points: User-provided search terms in SKILL.md.
  - Boundary markers: None; search terms are directly interpolated.
  - Capability inventory: Execution of shell commands via npx.
  - Sanitization: None; no validation or escaping of the user query is described.