The Agent Skills Directory

[COMMAND_EXECUTION]: The TypeScript code snippet for the preprocessAudio function in SKILL.md uses the execSync function to run an ffmpeg shell command. The inputPath variable is interpolated directly into the command string using template literals (e.g., ffmpeg -y -i "${inputPath}" ...). Because the input is not sanitized or escaped, this pattern is vulnerable to command injection if an attacker can control the filename of the audio file being processed. A malicious filename such as file.wav"; touch /tmp/pwned; " could result in arbitrary command execution on the host system. By contrast, the Python implementation in references/code-patterns.md uses the safer subprocess.run method with a list of arguments, which is not vulnerable to this type of shell injection.

speak-sdk-patterns