The Agent Skills Directory

[Data Exposure & Exfiltration] (LOW): The skill uses curl to perform network requests to the Read the Docs API (RTD_HOST). While these are intended for the skill's primary purpose, they involve sending an authorization token to a non-whitelisted external domain.
Evidence: curl -s -H "Authorization: Token $RTD_TOKEN" targeting ${RTD_HOST} in SKILL.md.
[Indirect Prompt Injection] (LOW): The skill processes data from external API responses (e.g., redirect lists). Malicious data stored in Read the Docs (like a redirect description) could potentially influence the agent's behavior.
Ingestion points: Data returned from GET requests to ${RTD_HOST}/api/v3/projects/{slug}/redirects/.
Boundary markers: None specified for the API response data.
Capability inventory: curl for reading, creating, updating, and deleting redirects.
Sanitization: No explicit sanitization of the API data is mentioned before processing.
[Command Execution] (LOW): The skill provides curl command templates for the agent to execute. While these are restricted to API interactions, they represent a surface for command execution.
Evidence: Multiple curl examples for CRUD operations in SKILL.md.

readthedocs-redirects-manager