The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Fetches configuration and data from Cloudflare's official GitHub repository and Google's official API endpoints (googleapis.com), which are well-known and trusted services.
[COMMAND_EXECUTION]: Executes shell commands using curl and jq via bash -c to interact with the API, which is the primary intended functionality of the skill.
[PROMPT_INJECTION]: The skill retrieves untrusted external data (Category 8) from YouTube that could contain instructions. 1. Ingestion points: API responses in SKILL.md containing video metadata and user-generated comments. 2. Boundary markers: Absent; data is passed directly to the agent context. 3. Capability inventory: Uses curl, bash, and jq for data retrieval and processing. 4. Sanitization: No sanitization or escaping is performed on the text retrieved from the API.

youtube