The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local scripts to perform specialized analysis tasks. It runs a Node.js script for real-time firehose sampling and generates a temporary Python script string that is executed via a subprocess to perform keyword extraction using an external virtual environment.\n
Evidence: scripts/bsky.py uses subprocess.run in the sample_firehose and extract_keywords functions to execute zeitgeist-sample.js and a dynamically generated Python script respectively.\n- [EXTERNAL_DOWNLOADS]: The documentation instructs users to install standard Node.js dependencies from the public npm registry to enable firehose sampling functionality.\n
Evidence: README.md and SKILL.md specify npm install ws https-proxy-agent for the environment setup.\n- [PROMPT_INJECTION]: The skill processes untrusted data (posts, bios, and firehose data) from the Bluesky network, which presents an indirect prompt injection surface if the agent treats this data as instructions.\n
Ingestion points: get_user_posts, search_posts, get_feed_posts, and sample_firehose in scripts/bsky.py retrieve external text content from Bluesky APIs and WebSockets.\n
Boundary markers: The skill does not implement delimiters or safety instructions when returning extracted post content.\n
Capability inventory: The skill can execute shell commands via subprocess.run and perform network operations via the requests library.\n
Sanitization: No sanitization is performed on the ingested text to mitigate the risk of instruction injection.

browsing-bluesky