python-sdk

Warn

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The documentation includes multiple code examples demonstrating the use of the Python eval() function to process arguments provided by tool calls (e.g., in references/tool-builder.md and references/agent-patterns.md). Since tool arguments are generated by the agent based on potentially untrusted user input, this pattern facilitates arbitrary code execution.
  • [COMMAND_EXECUTION]: The skill documents and promotes the use of internal_tools().code_execution(True), which grants agents the capability to execute code in their environment.
  • [DATA_EXFILTRATION]: The SDK provides a feature for 'Automatic File Upload' where local file paths provided as string inputs are automatically read and uploaded to the inference.sh cloud service. This creates a risk where an attacker could influence the agent to provide sensitive local file paths (such as ~/.ssh/id_rsa or .env files), leading to silent data exfiltration.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the inferencesh package from the public Python Package Index (PyPI) and suggests installing additional skills using npx from the author's remote repository.
  • [COMMAND_EXECUTION]: The YAML frontmatter explicitly allows the execution of pip install and arbitrary python commands via the allowed-tools configuration.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 27, 2026, 02:31 PM