openrouter-typescript-sdk

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: In the 'Tool System' section of SKILL.md, the documentation provides an example calculatorTool that calls eval(expression) to perform calculations. Passing strings generated by an LLM or supplied by external users to eval() is a dangerous practice: any valid JavaScript in the string runs with the full privileges of the host process.
  • [REMOTE_CODE_EXECUTION]: The eval() pattern in the calculatorTool example is a vulnerability surface in which attacker-controlled input is executed as code. If an agent copies this pattern into its own tools, a model output or a prompt-injected document that reaches the tool argument becomes a direct path to remote code execution (RCE).
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install the @openrouter/sdk package from the npm registry. This is the official SDK from the vendor 'OpenRouterTeam' and is documented as a standard dependency.
  • [PROMPT_INJECTION]: The skill is a documentation resource; the patterns it documents in SKILL.md expose an attack surface for indirect prompt injection.
      ◦ Ingestion points: The callModel function accepts arbitrary input strings and multimodal content (images/URLs), which are processed by the underlying AI models.
      ◦ Boundary markers: The provided examples do not demonstrate delimiters around external data or instructions to the model to disregard instructions embedded in it.
      ◦ Capability inventory: The skill performs network operations to the OpenRouter API and demonstrates local code execution via tools.
      ◦ Sanitization: The examples include no sanitization or validation logic for input that is processed by the models or executed by tools such as the calculatorTool.
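The following is an added illustration of the COMMAND_EXECUTION and Sanitization findings above; it is not code from the audited SKILL.md or from the @openrouter/sdk project. It places the eval()-based calculator pattern the audit describes next to a hardened replacement that accepts only arithmetic, and it uses a constructed "expression" that is valid JavaScript with a side effect to show the difference. Function names, the payload and the hypothetical global it sets are assumptions made for the demonstration.

```typescript
// Added example (not from the audited skill or the OpenRouter SDK).
// Both functions have the shape a model-callable calculator tool would have:
// a string expression in, a string result out.

/** The pattern the audit flags: eval() on model- or user-supplied text. */
function calculatorUnsafe(expression: string): string {
  // Anything that is valid JavaScript runs here with the host's privileges.
  return String(eval(expression));
}

/**
 * Hardened replacement: a recursive-descent parser that accepts only numbers,
 * the operators + - * /, and parentheses. Any other input is rejected, so the
 * tool can never execute code regardless of what the model puts in the argument.
 */
function calculatorSafe(expression: string): string {
  // Allow-list check first: letters, semicolons, quotes, brackets etc. are refused outright.
  if (!/^[\d\s+\-*\/().]+$/.test(expression)) {
    throw new Error("calculator: expression contains disallowed characters");
  }
  const tokens: string[] = expression.match(/\d+(?:\.\d+)?|[+\-*\/()]/g) ?? [];
  let pos = 0;
  const peek = (): string | undefined => tokens[pos];
  const next = (): string | undefined => tokens[pos++];

  function parsePrimary(): number {
    const t = next();
    if (t === undefined) throw new Error("calculator: unexpected end of input");
    if (t === "(") {
      const v = parseExpr();
      if (next() !== ")") throw new Error("calculator: expected ')'");
      return v;
    }
    if (t === "-") return -parsePrimary(); // unary minus
    if (/^\d/.test(t)) return Number(t);
    throw new Error(`calculator: unexpected token '${t}'`);
  }

  function parseTerm(): number {
    let v = parsePrimary();
    while (peek() === "*" || peek() === "/") {
      const op = next();
      const r = parsePrimary();
      if (op === "/" && r === 0) throw new Error("calculator: division by zero");
      v = op === "*" ? v * r : v / r;
    }
    return v;
  }

  function parseExpr(): number {
    let v = parseTerm();
    while (peek() === "+" || peek() === "-") {
      const op = next();
      const r = parseTerm();
      v = op === "+" ? v + r : v - r;
    }
    return v;
  }

  const result = parseExpr();
  if (pos !== tokens.length) throw new Error("calculator: trailing input");
  if (!Number.isFinite(result)) throw new Error("calculator: non-finite result");
  return String(result);
}

// Constructed payload (assumption, for demonstration only): valid JavaScript that
// performs a side effect on the host and then yields an innocent-looking answer.
// A real payload in the same position could read files or open network connections.
const INJECTED_EXPRESSION = "globalThis.__audit_demo = 'pwned', 2 + 2";
```

With the unsafe tool, the model "asks for 2 + 2", gets the answer 4, and the host has silently run the rest of the string; the safe tool throws on the first disallowed character. The allow-list check alone is not the defence (a regex can be bypassed by operator-only JavaScript in other contexts); the parser is, because it evaluates only the grammar it implements and never hands the string to the JavaScript engine.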
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 09:02 AM