twitter-search
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The wrapper script `scripts/run_search.sh` uses the `eval` command on strings parsed from `~/.bashrc` and `~/.zshrc`. This is an unsafe practice that allows arbitrary code execution if the profile files contain malicious content or malformed exports.
- [DATA_EXFILTRATION] (HIGH): The skill explicitly reads from sensitive shell configuration files (`~/.bashrc` and `~/.zshrc`). Accessing these files is a high-severity concern as they often contain private environment variables, security tokens, and personal configurations.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The script `scripts/run_search.sh` automatically installs the `requests` Python package via `pip3` if it is not found on the system, which involves downloading code from the PyPI registry without explicit user confirmation at runtime.
- [PROMPT_INJECTION] (LOW): The skill presents a surface for Indirect Prompt Injection by fetching and processing up to 1000 tweets from the Twitter API. Malicious instructions embedded in tweet content could influence the agent during the data analysis and reporting phase.
  1. Ingestion points: Tweet data fetched via `twitter_search.py`.
  2. Boundary markers: No delimiters or ignore instructions are specified for the processed data.
  3. Capability inventory: Shell script execution and Python package installation.
  4. Sanitization: No sanitization or filtering of tweet text is mentioned.
Recommendations
- AI detected serious security threats
Audit Metadata