The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill ingests and processes content from external URLs to generate logic, creating a surface for indirect prompt injection where a malicious website could influence the AI's generation process.
Ingestion points: The url and goal parameters are used to fetch and analyze external data in SKILL.md.
Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore embedded instructions within the fetched website content.
Capability inventory: The skill executes the opencli generate shell command, which performs network operations and generates file artifacts.
Sanitization: No explicit sanitization or validation of the content retrieved from the external URL is mentioned in the skill definition.
[COMMAND_EXECUTION]: The skill documentation describes a process where user-supplied strings (url and goal) are interpolated directly into a shell command: opencli generate <url> [--goal <goal>]. This poses a risk of command injection if the underlying execution platform does not properly escape or sanitize these inputs before execution.

opencli-generate