The Agent Skills Directory

Remote Code Execution (CRITICAL): The skill uses a highly dangerous pattern where it fetches remote HTML content and executes it directly through the Node.js environment. Any compromise or malicious data on the target website could lead to a full system takeover.\n
Evidence (SKILL.md): The provided example command pipes the output of curl through sed and directly into node -e, which executes the resulting string.\n
Evidence (scripts/fetch-trending.js): This script fetches data from DexScreener and uses vm.runInNewContext to evaluate a string constructed from the remote response.\n- Dynamic Execution (CRITICAL): The skill relies on the Node.js vm module to parse data. As documented by Node.js, vm is not a security sandbox and can be bypassed using well-known techniques to gain access to the host process and execute shell commands.\n
Evidence: scripts/fetch-trending.js uses vm.runInNewContext('data = ' + match[1], sandbox) on unvalidated remote input.\n- Indirect Prompt Injection (HIGH): The skill is designed to ingest and process untrusted data from a third-party DEX platform, creating a large attack surface for injection.\n
Ingestion points: scripts/fetch-trending.js and SKILL.md fetch content from dexscreener.com.\n
Boundary markers: None present. The untrusted data is processed and displayed without isolation.\n
Capability inventory: The skill can execute arbitrary JavaScript and system commands, which can be triggered by the processed data.\n
Sanitization: None. The skill assumes the remote data is well-formatted and safe, performing no validation before execution.

meme-scout