fabric

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The fabric project includes an extension system in fabric-repo/internal/plugins/template/extension_executor.go that allows the execution of arbitrary shell commands. It uses exec.Command("sh", "-c", ...) to run binaries and scripts defined in YAML configuration files. While this is an intended feature for extensibility, it poses a risk of command injection if user-provided template variables are not strictly sanitized before execution.
  • [COMMAND_EXECUTION]: The web interface implementation in fabric-repo/web/src/routes/obsidian/+server.ts uses shell execution (child_process.exec) to perform file system operations such as creating directories and copying files. Although it attempts to escape arguments, using shell commands for file operations is a known risk vector compared to native file system APIs.
  • [REMOTE_CODE_EXECUTION]: The project's primary README.md and SKILL.md recommend installation and setup via shell one-liners that download and execute scripts directly from GitHub releases (curl | bash and iwr | iex). This is a high-risk pattern as it executes remote code with the user's privileges without prior local inspection.
  • [EXTERNAL_DOWNLOADS]: The fabric-repo/internal/plugins/template/fetch.go plugin allows the template system to perform automated HTTP GET requests to retrieve content from external URLs. While it implements security constraints like size limits and content type verification, it provides a mechanism for outbound network access from the agent's environment.
  • [DATA_EXFILTRATION]: The fabric-repo/internal/plugins/template/file.go plugin enables reading of local files. It includes logic to prevent basic directory traversal (checking for '..'), but it still permits the system to read any files accessible by the user, which could lead to sensitive data exposure if used maliciously.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/danielmiessler/fabric/main/scripts/installer/install.sh - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 12, 2026, 12:05 PM