The Agent Skills Directory

REMOTE_CODE_EXECUTION (HIGH): The setup instructions for macOS recommend installing Homebrew using a piped remote execution command, which is a high-risk security practice.
Evidence: Found in references/mcp-setup.md: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)".
Risk: Piped execution of remote scripts bypasses local inspection and is highly susceptible to server-side compromise or network-based attacks.
EXTERNAL_DOWNLOADS (MEDIUM): The skill is installed using npx and a custom CLI to fetch code from the OctagonAI GitHub repository, which is not a pre-approved trusted source.
Evidence: npx skills add OctagonAI/skills in README.md.
Risk: Downloading and executing code from unverified third-party repositories can lead to the installation of malicious software.
COMMAND_EXECUTION (MEDIUM): Installation and configuration require executing shell commands that download and run npm packages dynamically.
Evidence: npx -y octagon-mcp and Windows-specific cmd /c strings in README.md and references/mcp-setup.md.
PROMPT_INJECTION (LOW): The skill's primary function is to ingest and analyze external SEC filings, which exposes the agent to indirect prompt injection risks.
Ingestion points: SKILL.md describes the flow where octagon-agent tool processes text from SEC filings.
Boundary markers: No specific delimiters (e.g., XML tags or strict formatting) are suggested in the prompt construction to isolate external data from instructions.
Capability inventory: The skill can read and synthesize financial data using the octagon-agent tool.
Sanitization: No sanitization or escaping of the ingested data is described in the provided workflow.

sec-footnotes-analysis