idea-incubator
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner]: Instruction directing agent to run/execute external content

This skill's description and capabilities are broadly consistent with its stated purpose (idea incubation, spec generation, archiving). However the Archive mode instructs the agent to execute a local script using a user-supplied file path ('uv run .agent/skills/idea-incubator/scripts/sync_to_pg.py <file_path>'). That behavior is risky because the script is unspecified in this fragment and could perform arbitrary filesystem reads, database operations, or network exfiltration. There are no hardcoded secrets or obfuscation in the provided skill file, but the ability to execute local scripts and write to a DB without provenance checks or sandboxing makes this component suspicious from a supply-chain/security perspective. Recommend auditing the sync_to_pg.py script, restricting allowed file paths, and requiring explicit user consent or content previews before execution.

LLM verification: The idea-incubator skill’s conversational and spec-generation features appear benign and purposeful. The notable security concern is the archive flow that instructs running an external local script (`sync_to_pg.py`) with a user-supplied file path via an unspecified runner (`uv run`). Because the script is not included for review, this creates a trust boundary where arbitrary local code could read sensitive files, misuse database credentials, or perform network exfiltration. Treat the archive fea