labarchive-integration
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation and scripts suggest installing a package from an untrusted source (https://github.com/mcmero/labarchives-py). This repository is not on the trusted list of organizations or repositories.
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection. It ingests data from LabArchives notebooks which could contain malicious instructions embedded by anyone with notebook access. Evidence Chain:
  1. Ingestion points: scripts/notebook_operations.py (API responses from user_access_info and notebook_backup).
  2. Boundary markers: No markers or 'ignore' instructions are present in the provided scripts.
  3. Capability inventory: File system write access for backups, and API methods for creating entries/attachments.
  4. Sanitization: No sanitization of retrieved notebook content is implemented.
- CREDENTIALS_UNSAFE (SAFE): The skill handles sensitive API keys but provides a setup script that sets restricted file permissions (0o600) for the configuration file and avoids hardcoded secrets.
Audit Metadata