The Agent Skills Directory

CREDENTIALS_UNSAFE (HIGH): A hardcoded API key was detected in the auto-generated configuration file.
Evidence: File config.bash contains ZAKAT_API_KEY="${ZAKAT_API_KEY:-k8090qKpozfSNHV8MvODYtbK8E24M1yveTiAXh0zipjzDtdF}". Hardcoding credentials in source files or generated scripts is a major security risk.
COMMAND_EXECUTION (HIGH): The skill is vulnerable to command injection through the dynamic generation of config.bash from config.json.
Evidence: In lib/config.sh, values extracted from config.json (like calculation.method) are interpolated directly into a heredoc that creates config.bash. This generated file is then sourced by the application. An attacker providing a malicious value in config.json (e.g., 20"; rm /tmp/test; ") could execute arbitrary shell commands.
DATA_EXFILTRATION (LOW): The skill makes numerous network requests to external Islamic utility APIs.
Evidence: Requests are made to api.aladhan.com, islamicapi.com, ilm.islamic.network, and api.alquran.cloud. While these are legitimate for the skill's purpose, they represent a data egress point for the parameters sent (location coordinates, search terms).
PROMPT_INJECTION (LOW): The skill handles Quran search results and quotes from external APIs which could potentially contain indirect prompt injections.
Evidence: Files src/quran_search.py and lib/quran.sh process text from external sources. If these APIs were compromised, malicious instructions could be presented to the agent. No sanitization of these outputs is present.
DATA_EXFILTRATION (LOW): The skill generates persistence instructions (CRON_ADD) for scheduling prayer reminders.
Evidence: Found in src/scheduler.py and lib/scheduler.sh. While this is the primary purpose of the feature, users should review generated cron jobs to ensure they do not perform unauthorized actions.

islamic-companion