readthedocs-project-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from users (project names, slugs, and repository URLs) and interpolates them into shell-based curl commands, creating a potential surface for indirect injection.
  • Ingestion points: Project 'name', 'slug', and 'repository' URL fields.
  • Boundary markers: Absent; data is placed directly into JSON payloads or URL paths.
  • Capability inventory: Execution of subprocesses (curl) as described in SKILL.md.
  • Sanitization: Absent; no explicit escaping or validation of user-provided strings is mentioned.
- [Command Execution] (SAFE): Use of curl for API interaction is the primary and intended purpose of this skill. The commands are well-structured for the Read the Docs v3 API.
- [Credentials Unsafe] (SAFE): The skill requires an API token (RTD_TOKEN) but correctly recommends using environment variables and explicitly warns the agent not to log or print the token in responses.
Audit Metadata