ai-code-review-collaboration

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • Command Execution (HIGH): The file-manager skill invokes powershell -ExecutionPolicy Bypass to execute the ninja_deploy.ps1 script. This script dynamically modifies C# source code using regular expressions to synchronize class names with filenames and subsequently copies these files to the NinjaTrader strategies directory (bin/Custom/Strategies). This grants the agent the ability to modify and deploy executable trading logic.
  • Remote Code Execution (HIGH): The V9_001 test agent instructions include commands to build (dotnet build) and execute (V9_ExternalRemote.exe) a binary project. This constitutes a direct path for the agent to compile and run potentially untrusted code on the host system.
  • External Downloads (MEDIUM): Scripts in the web-artifacts-builder skill (init-artifact.sh and bundle-artifact.sh) perform automated installations of numerous Node.js dependencies from external registries (e.g., parcel, vite, tailwindcss) during the project initialization and bundling phases.
  • Data Exposure (LOW): Multiple configuration and script files, such as Launch_Latest_Remote.ps1 and the nt8-backup-manager documentation, hardcode absolute local file paths that reveal the system username ('Mohammed Khalid') and internal directory structures.
  • Indirect Prompt Injection (LOW): The ai-code-review-collaboration skill and the 'Brain & Hands' protocol involve processing user-provided code for review and delegating file operations across different AI models. This workflow lacks robust input sanitization or boundary markers, creating a surface for indirect prompt injection where malicious code snippets could influence agent behavior.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:14 PM