The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The scripts/agent.py script fetches package metadata from the official PyPI JSON API (pypi.org) and the npm registry API (npmjs.org). It also retrieves download statistics from pypistats.org and api.npmjs.org. These are standard operations for a package auditing utility and target well-known, trusted services.
[PROMPT_INJECTION]: The skill ingests untrusted metadata, such as package descriptions and summaries, from external registries during its analysis. Ingestion points: The query_pypi_package and query_npm_package functions in scripts/agent.py. Boundary markers: None. Capability inventory: Reporting results to the console and writing JSON reports to disk. Sanitization: None. While this creates an indirect prompt injection surface if a malicious package author embeds instructions in their registry metadata, the overall risk is minimal as the skill performs no autonomous actions or command execution based on that data.

detecting-typosquatting-packages-in-npm-pypi