sec-business-desc-analysis

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH

Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill is installed via npx skills add OctagonAI/skills, which downloads and executes content from a non-trusted repository. The OctagonAI organization is not on the list of trusted entities.
  • [REMOTE_CODE_EXECUTION] (HIGH): The setup instructions for macOS users (references/mcp-setup.md) include a piped-to-shell command: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)". This pattern is considered high-risk as it executes remote scripts without prior verification.
  • [REMOTE_CODE_EXECUTION] (HIGH): The core functionality of the skill relies on npx -y octagon-mcp@latest, which fetches and executes the latest version of an external package from an untrusted provider at runtime.
  • [COMMAND_EXECUTION] (MEDIUM): Setup for Cursor and Claude involves executing shell commands with sensitive environment variables (e.g., env OCTAGON_API_KEY=<your-api-key>). This can lead to credential exposure in shell history or process listings.
  • [PROMPT_INJECTION] (LOW): The skill processes Item 1 business descriptions from SEC filings, which are external, untrusted data sources that could contain malicious instructions.
    • Ingestion points: SEC 10-K filings via the octagon-agent tool.
    • Boundary markers: Absent in the tool call definitions provided in SKILL.md.
    • Capability inventory: The octagon-agent tool has broad market intelligence and aggregation capabilities.
    • Sanitization: No sanitization or validation of the retrieved SEC data is described in the provided files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:33 PM