cmd-rss-feed-generator

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface. It is designed to ingest and process untrusted data from external blog websites using fetch_content(url) and local HTML file parsing as defined in SKILL.md. There are no boundary markers and no instructions telling the agent to ignore commands embedded in the scraped HTML. Because the agent generates Python code that is subsequently executed in a GitHub Actions environment, instructions hidden in malicious websites have a greater potential impact.
  • [COMMAND_EXECUTION]: The skill automates the creation of executable scripts. It instructs the agent to write Python code to feed_generators/ and add execution targets to makefiles/feeds.mk. These scripts are then triggered via make or python commands, creating a workflow where the agent's output directly leads to command execution in a CI/CD context.
  • [EXTERNAL_DOWNLOADS]: The generated code is explicitly intended to fetch content from arbitrary remote URLs. While essential for its function as a web scraper, this involves automated network operations targeting non-whitelisted external domains.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 10:25 PM