The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs the user to download code from an untrusted third-party GitHub repository.
Evidence: references/generative-tools.md provides instructions to run git clone https://github.com/jamiepine/voicebox.git.
[REMOTE_CODE_EXECUTION]: The skill suggests building and executing the previously downloaded untrusted code on the local machine.
Evidence: references/generative-tools.md specifies commands make setup and make dev to be run within the cloned Voicebox repository.
[COMMAND_EXECUTION]: The skill utilizes several system commands and local scripts for data management and media generation.
Evidence: SKILL.md references the execution of node tools/clis/google-ads.js for fetching performance data.
Evidence: references/generative-tools.md mentions using npx create-video@latest, npx remotion render, and ffmpeg for video production.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from ad performance reports and external outputs.
Ingestion points: The skill ingests ad copy and campaign performance data via CSV files, manual pastes, or API outputs as described in SKILL.md.
Boundary markers: Absent; the instruction set does not include delimiters or warnings to ignore instructions embedded within the ingested data.
Capability inventory: The skill has the ability to execute local scripts (node), perform network operations (curl), and run media rendering tools (remotion, ffmpeg).
Sanitization: Absent; no validation or filtering of the processed data is mentioned.
[EXTERNAL_DOWNLOADS]: The skill fetches data and performs operations using well-known services for AI generation.
Evidence: references/generative-tools.md includes curl commands targeting Google's Gemini API and the ElevenLabs API, which are well-known technology providers.

ad-creative