dotnet-quickdup

Fail

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill explicitly instructs the agent to download scripts from a remote GitHub repository and pipe them directly into a shell (bash) or an execution environment (PowerShell iex) without any verification of their content.
      • Evidence in SKILL.md: curl -sSL https://raw.githubusercontent.com/asynkron/Asynkron.QuickDup/main/install.sh | bash
      • Evidence in SKILL.md: iwr -useb https://raw.githubusercontent.com/asynkron/Asynkron.QuickDup/main/install.ps1 | iex
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading external code and tools from a third-party repository (github.com/asynkron/Asynkron.QuickDup) that is not identified as a trusted source.
      • Evidence in SKILL.md: go install github.com/asynkron/Asynkron.QuickDup/cmd/quickdup@latest
  • [COMMAND_EXECUTION]: The skill instructions involve executing several shell commands to bootstrap environment state and run the installed binary.
      • Evidence in SKILL.md: command -v quickdup, go version, rg --files ...
  • [INDIRECT_PROMPT_INJECTION]: The skill processes project files and tool-generated output that could contain malicious instructions designed to influence the agent's refactoring decisions.
      • Ingestion points: The agent reads C# source files (.cs), Razor files (.razor), and tool output files (results.json, duplicates.html) as specified in the Workflow and Examples.
      • Boundary markers: Absent. The skill does not instruct the agent to treat external file content as untrusted or to use delimiters.
      • Capability inventory: The skill can execute shell commands (quickdup, curl, bash), write files (.quickdup/ignore.json), and modify repository source code.
      • Sanitization: Absent. No validation or escaping is performed on the ingested data before the agent reviews it.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/asynkron/Asynkron.QuickDup/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 11, 2026, 12:41 PM