The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (SAFE): Fetches model list from https://router.huggingface.co/v1/models. This domain is associated with HuggingFace, a trusted entity, which downgrades the download finding to SAFE/INFO per [TRUST-SCOPE-RULE].
[PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection as it processes untrusted data from an external API and web search results to modify configuration files.
Ingestion points: Model IDs are fetched via WebFetch and model details are gathered via web search in SKILL.md (Workflow steps 1 and 4).
Boundary markers: Absent. There are no instructions for the agent to ignore or delimit potentially malicious content within the fetched data.
Capability inventory: The skill has file-write access to chart/env/prod.yaml and chart/env/dev.yaml, and can execute git commands (Workflow steps 6 and 7).
Sanitization: Absent. The agent interprets external search results and formats them into JSON/YAML without validation or sanitization of the input strings.

add-model-descriptions