social-intelligence

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the agentcash package from the NPM registry, which is an external dependency from an unverified source. Evidence: Instructions in rules/getting-started.md and SKILL.md to run npm install -g agentcash.
  • [REMOTE_CODE_EXECUTION]: The skill uses npx agentcash@latest to dynamically download and execute the latest version of the tool from the internet at runtime, which is a significant remote code execution vector. Evidence: Multiple commands in SKILL.md such as npx agentcash@latest fetch and npx agentcash@latest discover.
  • [COMMAND_EXECUTION]: The agent is instructed to execute shell commands to interact with the agentcash CLI for wallet management and API interaction. Evidence: Usage of npx agentcash@latest wallet info and complex fetch commands with flags for methods and bodies.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from Reddit posts and comments.
      1. Ingestion points: Reddit post content (selftext) and comments (body) fetched from https://stableenrich.dev/api/reddit/search and https://stableenrich.dev/api/reddit/post-comments.
      2. Boundary markers: Absent. The skill does not provide delimiters or instructions to the agent to ignore potential instructions embedded within the fetched Reddit content.
      3. Capability inventory: The agent has the capability to perform network requests via the CLI and present the resulting data to the context.
      4. Sanitization: Absent. No filtering, validation, or sanitization steps are mentioned to clean the Reddit data before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 14, 2026, 04:48 PM