robotframework-restinstance-skill

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill lacks input sanitization and boundary markers when handling data from external API responses. It demonstrates patterns where extracted response data (e.g., via 'Integer response body id') is directly interpolated into subsequent requests (e.g., 'GET /users/${id}'). This creates a significant vulnerability surface where a malicious API could inject instructions or manipulate subsequent tool calls.
  • [Remote Code Execution] (MEDIUM): The skill employs the 'Evaluate' keyword to execute Python code at runtime (e.g., for Base64 encoding credentials). If the variables passed to 'Evaluate' are derived from untrusted external sources, such as API response fields, it constitutes a dynamic execution risk.
  • [Unverifiable Dependencies] (MEDIUM): Installation instructions require 'pip install RESTinstance'. This library is not from a predefined trusted organization or repository, necessitating independent verification of its security posture before use.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:37 PM