ai-elements-chatbot

Warn

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: MEDIUM

Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions and a setup script ('scripts/setup-ai-elements.sh') that execute 'pnpm dlx ai-elements@latest'. This command downloads and runs code from the NPM registry during the initialization process, representing a vector for remote code execution.
  • [COMMAND_EXECUTION]: The 'scripts/setup-ai-elements.sh' script executes several shell commands to inspect the local project environment, check for dependencies using Node.js, and perform package installations.
  • [EXTERNAL_DOWNLOADS]: The skill triggers the download of multiple external packages from the NPM registry, including 'ai', 'ai-elements', and '@ai-sdk/openai'.
  • [PROMPT_INJECTION]: The skill processes and renders untrusted AI output through a chat interface in 'assets/chat-interface-starter.tsx', creating a surface for indirect prompt injection.
    * Ingestion points: Chat messages received via the 'useChat' hook in 'assets/chat-interface-starter.tsx'.
    * Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands in the processed data.
    * Capability inventory: The skill environment has shell execution and package installation capabilities via the provided setup scripts.
    * Sanitization: Content is rendered as markdown; there is no explicit sanitization or filtering of instruction-like content in the data stream.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 29, 2026, 02:28 PM