skills/lv416e/dotfiles/modern-python/Gen Agent Trust Hub

modern-python

Fail

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation in references/security-setup.md provides an installation command that pipes a remote shell script directly to a shell interpreter: curl ... https://github.com/j178/prek/releases/latest/download/prek-installer.sh | sh. This pattern is high-risk because the source repository belongs to an unverified third-party user (j178) rather than a trusted organization or well-known service.
  • [COMMAND_EXECUTION]: The migration guide in SKILL.md includes a shell loop that reads lines from requirements.txt and passes them as arguments to the uv add command. This represents an indirect command injection surface (Category 8) where malicious content in the input file could influence tool behavior or attempt to exploit the shell environment.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and execution of several external tools and templates. While resources from astral-sh and trailofbits are considered safe due to their well-known status, the suggested execution of a standalone installer from an unverified individual repository (j178/prek) does not meet safety standards for automated scripts.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 28, 2026, 10:36 PM