The Agent Skills Directory

[TIME_DELAYED_OR_CONDITIONAL] (MEDIUM): The file scripts/timeout_test.py implements an infinite loop (while True: time.sleep(0.1)). While documented as a test for timeout handling, this pattern represents a resource exhaustion/Denial of Service (DoS) risk if deployed in a non-test environment.
[INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill has a significant attack surface for indirect prompt injection as it processes external data through multiple scripts.
Ingestion points: Standard input (stdin) is used to receive data in scripts/convert.sh, scripts/extract.py, and scripts/stdin_test.py.
Boundary markers: There are no delimiters or instructions to ignore embedded commands within the processed data.
Capability inventory: The skill is granted Bash, Read, and Write permissions in SKILL.md.
Sanitization: No evidence of input validation, escaping, or sanitization was found in the scripts handling external data.
[COMMAND_EXECUTION] (LOW): In scripts/convert.sh, the script echoes raw input using echo "Converted: $input". Although benign in this specific context, the lack of input sanitization when using shell tools is a security best-practice violation.

script-skill