The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script ('search.py') using command-line arguments derived directly from user requests. This creates a risk of command injection if the script does not rigorously sanitize its inputs. Additionally, it directs the agent to perform administrative system updates and software installations using 'sudo apt update' and 'sudo apt install', which constitutes privilege escalation.
[EXTERNAL_DOWNLOADS]: The documentation guides the agent to download and install software from external package managers including Homebrew, APT, and Winget to satisfy environment prerequisites.
[PROMPT_INJECTION]: The skill implements a 'Master + Overrides' persistence pattern that introduces a vulnerability to indirect prompt injection. By reading design rules from locally stored markdown files ('design-system/MASTER.md') to influence future code generation, the skill allows potentially malicious content from one session to subvert agent behavior in later sessions. Ingestion points: User-supplied keywords passed to the search script and the contents of 'design-system/MASTER.md' or 'design-system/pages/*.md'. Boundary markers: None identified; the agent is instructed to read and prioritize instructions from these files without explicit delimitation. Capability inventory: Writing to the local filesystem via the '--persist' flag and generating executable web and mobile application code. Sanitization: The skill does not describe any sanitization or validation of the design system content before it is used to construct generation prompts.

ui-ux-pro-max