awesome-code
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUM
Tags: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The FileCache class in scripts/cache.py uses the Python pickle module (pickle.load and pickle.dump) to store and retrieve cached analysis and performance data under the .awesome-code/cache directory. pickle is not a safe format for untrusted input: loading a pickle stream executes whatever callables the stream names, so anyone who can write to the local cache directory can run arbitrary code in the skill's process the next time it reads an entry back. Data-only formats such as JSON (or yaml.safe_load for YAML) are recommended instead.
- [COMMAND_EXECUTION]: The skill relies extensively on executing system commands to fulfill its primary functions. scripts/test_runner.py executes test frameworks (pytest, unittest, jest) via subprocess.run, scripts/git_helper.sh executes Git and GitHub CLI (gh) commands, and scripts/performance_benchmark.py runs project code repeatedly to measure execution speed. These capabilities are necessary for the skill to work, but they give the AI agent broad control over the local environment and the ability to execute project-specific code.
- [PROMPT_INJECTION]: The skill contains multiple "Iron Laws" in its agent instructions (e.g. agents/code-reviewer/SKILL.md, agents/tdd-workflow/SKILL.md). These are strict directives such as "NO MERGE WITHOUT CODE REVIEW FIRST" and "NO PRODUCTION CODE WITHOUT A FAILING TEST FIRST". They are designed to override the agent's default behavior and enforce specific engineering workflows, which is a form of behavioral instruction override.
- [REMOTE_CODE_EXECUTION]: The skill includes a dedicated path-discovery script, scripts/get_path.py, which gives the agent absolute paths to all of its executable scripts, so the agent can locate and invoke the skill's internal logic regardless of the installation directory.
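The cache-deserialization problem from the REMOTE_CODE_EXECUTION finding above, as an added example rather than code from the awesome-code project: a minimal pickle-backed cache in the shape the audit describes, the entry an attacker with write access to the cache directory would plant, and a JSON-backed replacement that treats the same bytes as a cache miss. The class names, the "analysis" cache key and the AWESOME_CODE_CACHE_PWNED marker are assumptions made for this demonstration; the payload only sets an environment variable so its execution is observable, where a real one would run a shell command.

```python
"""Added example (hypothetical code, not the project's scripts/cache.py):
the pickle-backed cache pattern the audit describes, a cache entry an
attacker with write access to the cache directory would plant, and a
JSON-backed replacement that treats the same file as a cache miss."""
import json
import os
import pickle
import tempfile
from pathlib import Path

MARKER = "AWESOME_CODE_CACHE_PWNED"   # env var the demo payload sets (constructed for this example)


class PickleFileCache:
    """Vulnerable: pickle.dump on write, pickle.load on read (the audited pattern)."""

    def __init__(self, cache_dir):
        self.cache_dir = Path(cache_dir)
        self.cache_dir.mkdir(parents=True, exist_ok=True)

    def get(self, key):
        path = self.cache_dir / f"{key}.pkl"
        if not path.exists():
            return None
        with open(path, "rb") as fh:
            # pickle.load calls any callable the stream names before returning
            return pickle.load(fh)

    def set(self, key, value):
        with open(self.cache_dir / f"{key}.pkl", "wb") as fh:
            pickle.dump(value, fh)


class JsonFileCache:
    """Hardened: JSON carries data only; unparseable or tampered files are misses."""

    def __init__(self, cache_dir):
        self.cache_dir = Path(cache_dir)
        self.cache_dir.mkdir(parents=True, exist_ok=True)

    def get(self, key):
        path = self.cache_dir / f"{key}.json"
        try:
            return json.loads(path.read_text(encoding="utf-8"))
        except FileNotFoundError:
            return None
        except ValueError:        # UnicodeDecodeError and JSONDecodeError both subclass it
            return None

    def set(self, key, value):
        payload = json.dumps(value)               # TypeError if value is not plain data
        final = self.cache_dir / f"{key}.json"
        tmp = final.with_suffix(".tmp")
        tmp.write_text(payload, encoding="utf-8")
        os.replace(tmp, final)                    # atomic publish, no half-written entry


class PlantedEntry:
    """Attacker-side object. Its __reduce__ makes the pickle stream say
    "call exec(PAYLOAD)" on load; the class never needs to exist on the
    victim. The payload only sets an env var so the effect is observable."""
    PAYLOAD = f"import os; os.environ[{MARKER!r}] = '1'"

    def __reduce__(self):
        return (exec, (self.PAYLOAD,))


def plant_malicious_entry(cache_dir, key):
    """Simulates an attacker who can write into the cache directory."""
    path = Path(cache_dir) / f"{key}.pkl"
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(pickle.dumps(PlantedEntry()))
    return path


def demo(cache_dir=None):
    """Reads the planted file through both caches and reports what happened."""
    cache_dir = cache_dir or tempfile.mkdtemp(prefix="awesome-code-cache-")
    os.environ.pop(MARKER, None)

    planted = plant_malicious_entry(cache_dir, "analysis")
    PickleFileCache(cache_dir).get("analysis")          # payload executes here
    pickle_executed = os.environ.get(MARKER) == "1"

    os.environ.pop(MARKER, None)
    safe = JsonFileCache(cache_dir)
    safe.set("analysis", {"file": "main.py", "score": 0.93})
    roundtrip = safe.get("analysis")
    # Attacker overwrites the JSON entry with the same pickle bytes.
    (Path(cache_dir) / "analysis.json").write_bytes(planted.read_bytes())
    tampered = safe.get("analysis")
    json_executed = os.environ.get(MARKER) == "1"

    return {"pickle_executed": pickle_executed, "roundtrip": roundtrip,
            "tampered": tampered, "json_executed": json_executed}


if __name__ == "__main__":
    print(demo())
```

Running it shows the pickle cache executing the payload on a plain get(), while the JSON cache round-trips its own entries and returns None for the planted bytes. A restricted Unpickler (overriding find_class) narrows the attack surface but still parses attacker-controlled structure; switching to a data-only format removes the code path entirely.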
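For the COMMAND_EXECUTION finding, an added example (not the project's scripts/test_runner.py) of how a test-runner dispatcher of that kind can be constrained: the frameworks the audit lists are mapped to fixed argv prefixes, nothing is passed through a shell, a target is rejected if it looks like an option or resolves outside the project directory, and every run has a timeout and bounded captured output. RUNNERS, build_command, run_tests and demo are names chosen for this example, and the one-test project that demo() builds is constructed for it.

```python
"""Added example (hypothetical, not the project's scripts/test_runner.py): a
constrained dispatcher for the test frameworks the audit names. Every run is
an argv list with shell=False, the framework comes from an allowlist, and the
test target must stay inside the project directory."""
import subprocess
import sys
import tempfile
from pathlib import Path

# Allowlist: framework -> argv prefix. Nothing is ever passed through a shell.
RUNNERS = {
    "pytest": [sys.executable, "-m", "pytest", "-q"],
    "unittest": [sys.executable, "-m", "unittest", "-v"],
    "jest": ["npx", "jest", "--ci"],
}


def build_command(framework, project_dir, target=None):
    """Returns the argv to run, or raises ValueError for anything off-policy."""
    if framework not in RUNNERS:
        raise ValueError(f"unsupported test framework: {framework!r}")
    argv = list(RUNNERS[framework])
    if target is not None:
        if target.startswith("-"):
            # "--help" or "-c ..." as a 'target' would become a framework option
            raise ValueError(f"target looks like an option: {target!r}")
        root = Path(project_dir).resolve()
        resolved = (root / target).resolve()
        try:
            relative = resolved.relative_to(root)   # fails on ../ escapes and symlinks out
        except ValueError:
            raise ValueError(f"target escapes the project: {target!r}") from None
        argv.append(str(relative))
    return argv


def run_tests(framework, project_dir, target=None, timeout=600):
    """Executes the allowlisted runner with a timeout and bounded captured output."""
    argv = build_command(framework, project_dir, target)
    proc = subprocess.run(
        argv,
        cwd=project_dir,
        shell=False,
        capture_output=True,
        text=True,
        timeout=timeout,
    )
    return {
        "argv": argv,
        "returncode": proc.returncode,
        "stdout": proc.stdout[-4000:],
        "stderr": proc.stderr[-4000:],
    }


def demo():
    """Self-check on a constructed project containing one passing unittest."""
    project = tempfile.mkdtemp(prefix="awesome-code-proj-")
    Path(project, "test_sample.py").write_text(
        "import unittest\n"
        "class SampleTest(unittest.TestCase):\n"
        "    def test_ok(self):\n"
        "        self.assertEqual(1 + 1, 2)\n",
        encoding="utf-8",
    )
    return run_tests("unittest", project, "test_sample.py", timeout=60)


if __name__ == "__main__":
    print(demo())
```

The allowlist and the argv form close the obvious shell-injection route; the option check and the relative_to containment stop a prompt-injected target such as "--help" or "../../etc/passwd" from becoming a framework flag or a file outside the repository. What remains, as the audit notes, is that the tests themselves are project code and run with the agent's privileges, which is a sandboxing question rather than a dispatch one.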
Audit Metadata