oss-styles

Warn

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill is designed to clone a third-party repository from GitHub and then dynamically 'trigger' and execute a skill definition file (SKILL.md) located inside that repository. This allows for the execution of arbitrary logic and commands fetched from an untrusted remote source at runtime.
  • [EXTERNAL_DOWNLOADS]: The workflow performs a git clone of the repository git@github.com:heimanba/oss-video-skill.git into the local workspace. This repository is not associated with a trusted organization.
  • [COMMAND_EXECUTION]: The skill explicitly runs shell commands including cd and git clone to pull external code into the {WORKSPACE_DIR}.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface because it processes and follows instructions from an external file (.qoder/skills/oss-video/SKILL.md) which could contain malicious payloads or prompt overrides.
      • Ingestion points: Reads and executes instructions from the cloned .qoder/skills/oss-video/SKILL.md file.
      • Boundary markers: No boundary markers or 'ignore embedded instructions' warnings are present to isolate the external instructions from the agent's core logic.
      • Capability inventory: The skill has capabilities to clone repositories and trigger further skill workflows which include dependency installation and video rendering via shell commands.
      • Sanitization: No validation or sanitization is performed on the content of the remote SKILL.md before execution.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 30, 2026, 12:50 AM