javascript-sdk

Fail

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation in references/tool-builder.md includes code examples that use the unsafe eval() function to execute expressions directly generated by the AI model. This creates a high risk of arbitrary code execution if the agent is manipulated into producing a malicious payload.
  • [COMMAND_EXECUTION]: The skill configuration in SKILL.md requests broad permissions for shell command execution via npm, npx, node, pnpm, and yarn. These tools allow for the installation of software and execution of scripts on the host system, which could be abused to perform malicious actions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its design. Ingestion points include client.run inputs, user messages, and file uploads. Capabilities include shell access, webhooks, and cloud-based code execution. Boundary markers and sanitization logic are absent from the provided examples, increasing the risk that the agent may obey instructions embedded in untrusted data.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation and use of the @inferencesh/sdk package. While this is a vendor-owned resource, the broad permission to use the npm tool increases the attack surface for downloading and executing code from external registries.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 17, 2026, 08:25 PM