gitlab-webhooks

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM (findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's configuration files pin non-existent, future versions for multiple core dependencies in package.json and requirements.txt. Examples include next@^16.1.6 (current 15.x), express@^5.2.1 (current 5.0.x), fastapi@0.128.0 (current 0.115.x), and jest@^30.2.0 (current 29.x). Because these versions cannot be resolved to published artifacts, software integrity cannot be verified, and the unresolvable specifiers pose a potential risk of dependency confusion attacks.
  • [PROMPT_INJECTION]: Deceptive metadata: the SKILL.md frontmatter and attribution comments claim authorship by 'hookdeck' and link to their official repositories, while system metadata identifies the author as 'robinbg'. This inconsistency may lead users to misjudge the skill's safety and origin.
  • [PROMPT_INJECTION]: The skill handles untrusted data from GitLab webhook payloads and logs it directly to the console, creating an indirect prompt injection surface.
    * Ingestion points: Webhook request bodies are parsed in examples/express/src/index.js, examples/fastapi/main.py, and examples/nextjs/app/webhooks/gitlab/route.ts.
    * Boundary markers: No delimiters or warnings are used to isolate untrusted content in the log output.
    * Capability inventory: Ingested data is primarily used for logging to standard output.
    * Sanitization: No escaping, filtering, or validation is applied to payload content before it is logged.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 1, 2026, 04:29 PM