The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands with administrative privileges using sudo to install the cloc utility on Linux-based systems (e.g., sudo apt install cloc, sudo dnf install cloc). It also utilizes complex CLI commands involving pipes and shell loops to aggregate results across project directories.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of software from several external registries and repositories, including npm, Homebrew, Chocolatey, and the Docker Hub image aldanial/cloc.\n- [REMOTE_CODE_EXECUTION]: The skill suggests installing global packages from the npm registry (npm install -g cloc) and running third-party container images (docker run aldanial/cloc), which involves executing code from external sources during the setup and bootstrap phase.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it explicitly instructions the agent to respect and execute commands found in an AGENTS.md file located within the repository being scanned. This allows the repository content to override agent constraints or trigger malicious operations.\n
Ingestion points: AGENTS.md file, repository source files.\n
Boundary markers: Not used; the skill instructions direct the agent to 'confirm scope and constraints' from the repo file without isolation.\n
Capability inventory: Shell command execution (via package managers and cloc), file system access, and network access via package installation tools.\n
Sanitization: No sanitization or validation of the instructions provided by the AGENTS.md file is implemented.

cloc