replicas-agent

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for starting system-level services. In references/DOCKER.md, it directs the agent to start the Docker daemon using sudo dockerd, which is documented as necessary due to the absence of a system manager like systemd in the environment. Additionally, references/PREVIEWS.md uses setsid and nohup to execute application services as background processes.
  • [DATA_EXFILTRATION]: The skill instructs the agent to communicate with several external platforms. references/GITHUB.md suggests uploading images to external hosts like Imgur to include them in pull requests. references/SLACK.md and references/LINEAR.md use curl to transmit data (messages, comments, issue updates) to the respective Slack and Linear APIs.
  • [EXTERNAL_DOWNLOADS]: The skill involves fetching content from external APIs. It uses the gh CLI and curl to retrieve pull request details, issues, and conversation history from GitHub, Linear, and Slack.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection (Category 8). It is designed to ingest and process untrusted data from external sources, including Slack threads, Linear issues, and GitHub pull requests. Maliciously crafted content on these platforms could influence the agent's actions, because the skill lacks explicit sanitization or boundary markers for this untrusted input.

Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 10:00 AM