widgets-ui

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The documentation provides instructions to execute shell commands using npx to add components and related skills (e.g., npx shadcn@latest add and npx skills add). These are standard for adding developer tools but involve running external code.
  • [EXTERNAL_DOWNLOADS]: The skill references and downloads UI component configurations from https://ui.inference.sh/r/widgets.json. These resources originate from the vendor's infrastructure associated with the skill.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to render UI based on "structured agent responses." If an agent processes untrusted external data and incorporates it into these JSON widgets, it could be manipulated into rendering deceptive interfaces.
      • Ingestion points: Processes "structured agent responses" that may contain data fetched from external tools or web content (e.g., in SKILL.md).
      • Boundary markers: No specific delimiters or warnings for the agent to ignore embedded instructions in the rendered data are documented.
      • Capability inventory: Supports rendering interactive forms, buttons, inputs, and images which can be used for phishing or social engineering.
      • Sanitization: The documentation does not specify validation or sanitization requirements for the agent-generated JSON before it is rendered by the WidgetRenderer component.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 12:27 PM