ai-automation-workflows

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Script templates in the 'Data Processing Pipeline' and 'Conditional Workflow' sections interpolate file content ($(cat $file)) and shell variables ($INPUT_TEXT) directly into command-line arguments. This pattern is vulnerable to command injection because the shell will evaluate any command substitutions or metacharacters contained within the variables or files before executing the infsh tool.
  • [PROMPT_INJECTION]: The skill demonstrates patterns for processing external data by interpolating it directly into model prompts, creating an attack surface for indirect prompt injection.
    • Ingestion points: INPUT_TEXT variable in conditional_workflow.sh and file content in data_processing.sh.
    • Boundary markers: Absent; untrusted data is concatenated directly with prompt instructions.
    • Capability inventory: File system access (read/write), network operations via curl, and model execution via infsh.
    • Sanitization: No data validation or escaping is applied to the input content before interpolation.
  • [DATA_EXFILTRATION]: Provides an example monitoring script that transmits command output and error messages to an external webhook using curl. This mechanism could inadvertently leak sensitive data included in command arguments or execution logs if not carefully implemented.
  • [EXTERNAL_DOWNLOADS]: Fetches configuration and installation guidelines from the official inference-sh GitHub repository. These references are documented neutrally as vendor-owned resources.
  • [REMOTE_CODE_EXECUTION]: Recommends adding related skills from the same vendor using the npx skills add command, which downloads and executes external skill packages.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 07:52 AM