The Agent Skills Directory

[COMMAND_EXECUTION]: The skill includes a shell script, scripts/research.sh, that executes system commands such as curl and python3 to interact with Amazon's autocomplete service.
[COMMAND_EXECUTION]: A command injection vulnerability is present in scripts/research.sh because the user-supplied keyword is interpolated directly into a Python command string within a shell variable, allowing for potential arbitrary code execution.
[PROMPT_INJECTION]: The SKILL.md instructions include broad trigger conditions designed to capture vague user queries, which attempts to override default agent behavior and steer responses toward the skill's functions.
[PROMPT_INJECTION]: The skill processes untrusted external data from web searches and Google Trends. The workflow lacks boundary markers and sanitization for this data, creating an attack surface for indirect prompt injection. Ingestion occurs during competitor and trend analysis (Steps 2 and 3) in SKILL.md, and the agent has capabilities for script execution and further web access. No boundary markers or sanitization logic are present in the provided files.
[EXTERNAL_DOWNLOADS]: The skill package is fetched from the nexscope-ai GitHub repository via npx during the installation phase.
[DATA_EXFILTRATION]: The skill queries official Amazon autocomplete endpoints and Google Trends with user-provided search terms to retrieve research data.

amazon-keyword-research