The Agent Skills Directory

EXTERNAL_DOWNLOADS (MEDIUM): The skill recommends global installation and execution of the shersh npm package. This source is not part of the trusted organizations list, posing a risk of executing unverified external code.
COMMAND_EXECUTION (MEDIUM): The sher link command automatically detects and runs build scripts (e.g., from package.json). If an agent is used on an untrusted or malicious repository, this results in arbitrary command execution via the project's build configuration.
DATA_EXFILTRATION (MEDIUM): The skill's primary function is to upload the contents of local directories (dist/, build/, out/, or the current directory) to the sher.sh domain. While this is the intended purpose, it constitutes data exfiltration of potentially sensitive local project data to a non-whitelisted third-party service.
PROMPT_INJECTION (LOW): Vulnerable to indirect prompt injection (Category 8). The skill ingests untrusted data from the project root (e.g., package.json), lacks explicit boundary markers for these inputs, possesses subprocess execution and network capabilities, and does not specify sanitization procedures for the project files it processes.

sher-deploy