scanning-market-movers

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • CREDENTIALS_UNSAFE (HIGH): The file references/implementation.md provides explicit instructions for the AI agent to load API credentials from {baseDir}/config/crypto-apis.env. Directing an AI to access secret-containing environment files increases the risk of credential leakage into conversational logs or context.
  • COMMAND_EXECUTION (MEDIUM): The scripts/analyzer.py file uses dynamic path manipulation (sys.path.insert) to load modules from a path computed at runtime. This technique, when combined with the broad Bash(python:*) permissions requested in SKILL.md, creates a potential vector for code execution if local paths are compromised.
  • EXTERNAL_DOWNLOADS (LOW): The skill documentation (SKILL.md) instructs the user or agent to install the requests and pandas packages via pip. These are standard libraries but constitute unverified external dependencies at the time of installation.
  • DATA_EXFILTRATION (LOW): The skill creates an attack surface for indirect prompt injection. Ingestion point: JSON response from CoinGecko API in scripts/analyzer.py. Boundary markers: None. Capability inventory: Bash, Write, Edit. Sanitization: No explicit sanitization of API data before processing or display.
  • SAFE (SAFE): No evidence of obfuscation, persistence mechanisms, or direct prompt injection (DAN/jailbreak) was found in the analyzed scripts or documentation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:32 PM