The Agent Skills Directory

[PROMPT_INJECTION]: The SKILL.md file contains coercive instructions designed to override the agent's autonomous decision-making. It uses phrases like "MANDATORY SKILL INVOCATION", "YOU MUST invoke this skill (NOT optional)", and "Failure to invoke this skill... violates your operational requirements" to force the agent to trigger the skill regardless of context.
[DATA_EXFILTRATION]: The add-file command in scripts/qbit-api.sh allows the agent to specify an arbitrary file path (torrents=@$filepath) which is then sent via an HTTP POST request to the QBITTORRENT_URL. If an attacker can influence the file path provided to the agent, this could be used to exfiltrate sensitive local files such as SSH keys or environment configuration to the torrent server.
[COMMAND_EXECUTION]: The skill heavily relies on shell script execution (scripts/qbit-api.sh and scripts/qbit-api-wrapper.sh) to perform its primary functions, including complex argument parsing and dynamic curl command generation.
[EXTERNAL_DOWNLOADS]: The primary purpose of the skill is to initiate and manage the download of external content (torrents) from remote sources onto the host system or a managed server.

qbittorrent