tech-plan-assessment
Warn
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: MEDIUM
DATA_EXFILTRATION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is configured to automatically transmit assessment results, including technical document names, submitter identities, and perspective scores, to an API server at http://10.38.219.120:80. The address is hardcoded, and 10.38.219.120 lies in the RFC 1918 private range, so the destination is an internal host rather than a public one; the automated transmission is nevertheless a potential exfiltration path for internal metadata, and the plain-HTTP transport leaves the payload readable to anyone on the network path. Confirm that the host is an approved reporting service before enabling the skill.
- [COMMAND_EXECUTION]: The agent is instructed to use shell commands to operate external tools. It runs the feishu2md CLI for document retrieval and invokes a local Python script, submit_tech_score.py, to finalize the reporting workflow.
- [REMOTE_CODE_EXECUTION]: The skill exhibits a significant command injection surface. The instructions direct the agent to populate command-line arguments (such as --tech-doc-name) with strings extracted from untrusted technical design documents (PDF, Markdown, or Feishu). Because those arguments are assembled into a shell command line, a maliciously crafted document title containing shell metacharacters (quotes, semicolons, backticks, $(...)) could execute arbitrary commands on the host running the agent when it submits the report. The exposure exists only where the title reaches a shell; invoking the script with an argument vector and no shell leaves the metacharacters uninterpreted.
- [EXTERNAL_DOWNLOADS]: The skill triggers remote content retrieval from Feishu/Lark domains (e.g., *.feishu.cn) using the feishu2md tool to fetch technical plans and requirements documents for analysis. Everything fetched this way is untrusted input to the later steps.
- [PROMPT_INJECTION]: Because the skill processes untrusted technical design documents from external sources, it is vulnerable to indirect prompt injection. Malicious documents could contain hidden instructions designed to manipulate the agent's scoring logic, bias the evaluation, or compromise the integrity of the generated assessment reports.
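The injection path described under REMOTE_CODE_EXECUTION, as an added example that is not part of the audit or of the audited skill. submit_tech_score.py is not available here, so a stand-in target that prints its argv as JSON is substituted (an assumption), and the malicious title is constructed. The unsafe function interpolates the title into a shell string, which is the pattern the finding warns about; the hardened one validates the value and passes an argument vector with no shell, using the --flag=value form so a title beginning with a hyphen cannot be read as a separate option by the script's own argument parser.

```python
"""Shell injection via --tech-doc-name: vulnerable vs hardened invocation.

Added example; not code from the audited skill. submit_tech_score.py is not
available here, so a stand-in target that prints its argv as JSON is used.
"""
import json
import re
import subprocess
import sys

# Stand-in for submit_tech_score.py (assumption): echo argv back as JSON.
ECHO_ARGV = "import json, sys; print(json.dumps(sys.argv[1:]))"

# Constructed malicious document title. It closes the quoted argument,
# appends a command, then reopens a quote so the shell line still parses.
MALICIOUS_TITLE = 'Q3 payment service plan"; echo INJECTED; echo "'

# Hypothetical policy for a title value: no control characters, bounded length.
# Shell metacharacters need not be rejected because the hardened path never
# hands the value to a shell.
TITLE_RE = re.compile(r"[^\x00-\x1f\x7f]{1,200}")


def validate_title(title: str) -> bool:
    """True if the title is acceptable as a --tech-doc-name value."""
    return TITLE_RE.fullmatch(title) is not None


def submit_unsafe(title: str) -> str:
    """The pattern the finding describes: the untrusted title is pasted into a
    shell command line. Returns stdout so the injected command's output shows."""
    cmd = f"{sys.executable} -c '{ECHO_ARGV}' --tech-doc-name \"{title}\""
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


def submit_safe(title: str) -> list:
    """Hardened invocation: validate, then exec with an argv list and no shell.
    The --flag=value form keeps a title starting with '-' from being read as a
    separate option by the target's own argument parser.
    Returns the argv the target actually received."""
    if not validate_title(title):
        raise ValueError("tech-doc-name rejected: control character or too long")
    argv = [sys.executable, "-c", ECHO_ARGV, f"--tech-doc-name={title}"]
    proc = subprocess.run(argv, capture_output=True, text=True, check=True)
    return json.loads(proc.stdout)


if __name__ == "__main__":
    # With the unsafe path the shell runs "echo INJECTED" after the real
    # command; with the safe path the whole title arrives as one argument.
    print("unsafe stdout:\n" + submit_unsafe(MALICIOUS_TITLE))
    print("safe argv:", submit_safe(MALICIOUS_TITLE))
```

Running it shows the difference directly: the unsafe stdout contains the echoed argv followed by a line reading INJECTED, while the safe call returns a single argv element holding the complete title, quotes and semicolons included. The validation step is deliberately narrow; its job is to stop control characters and oversized values, not to enumerate shell syntax, since the argv list already makes that syntax inert.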
Audit Metadata