Gen Agent Trust Hub audit: mukul975/anthropic-cybersecurity-skills / testing-api-for-broken-object-level-authorization
Verdict: Fail
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: HIGH
Flags: REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: Automated analysis identified a pattern where remote data from a target API is piped to the Python interpreter. Specifically, the command `curl -s https://target-api.example.com/api/docs/swagger.json | python3` was flagged as a high-risk remote code execution vector. Piped to a bare `python3` as shown, the response body is read from stdin and executed as a script. The skill's own code passes the output to the `json.tool` module or to static parsing scripts, which parse the data rather than execute it, but piping untrusted external data into a runtime execution environment remains a dangerous pattern and one typo away from code execution.
- [CREDENTIALS_UNSAFE]: The skill documentation includes hardcoded example authentication tokens. For instance, `SKILL.md` contains a Bearer token (`eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...`). The visible prefix is only the base64url-encoded JWT header `{"alg":"RS256","typ":"JWT"}`, so the quoted fragment is illustrative rather than a usable credential, but hardcoding secrets or example credentials in instructions can lead to accidental exposure if users paste their own production tokens into the same place and commit them.
- [DATA_EXFILTRATION]: The skill performs automated, systematic access to API resources by swapping object identifiers between user accounts. (1) Ingestion point: API responses and OpenAPI specifications. (2) Boundary markers: none present to distinguish untrusted data from instructions. (3) Capability inventory: network requests via `requests` and `curl`. (4) Sanitization: none; response data drives the skill's logic directly. Taken together, this provides a mechanism for large-scale data collection and potential exfiltration.
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as `curl` to interact with external network services and orchestrate data flow. It relies on the execution of host binaries and the shell's piping mechanism to process information.
- [EXTERNAL_DOWNLOADS]: The skill's workflow depends on downloading potentially large API specification files from external, user-specified URLs. This introduces a supply-chain risk if the source of the specification is compromised.
Recommendations
- HIGH: Downloads and executes remote code from: https://target-api.example.com/api/docs/swagger.json - DO NOT USE without thorough review
- AI detected serious security threats