upload-post

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The /ffmpeg endpoint in SKILL.md allows for the execution of a full_command parameter. The documentation explicitly encourages the AI to construct shell-like commands (e.g., ffmpeg -y -i {input} ... {output}). This is a significant security risk as it provides a direct interface for command injection if an attacker can influence the input strings.
  • [EXTERNAL_DOWNLOADS] (HIGH): Automated scanners (URLite) have flagged the domain api.upload-post.com used in requirements.md and SKILL.md as blacklisted. Interacting with a blacklisted domain is a high-risk activity that could lead to data theft or exposure to malicious payloads.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): While the FFmpeg execution happens on a remote server, the ability for the AI agent to dynamically generate and transmit executable logic to an unverified external service constitutes a remote code execution risk relative to the agent's tasks.
  • [INDIRECT_PROMPT_INJECTION] (HIGH):
      • Ingestion points: The skill fetches untrusted external data via the /uploadposts/reddit/detailed-posts endpoint (which returns media URLs and post metadata).
      • Boundary markers: None detected. The skill does not implement delimiters or instructions to ignore embedded commands in the fetched Reddit data.
      • Capability inventory: The skill possesses extensive "write" capabilities, including social media posting and custom FFmpeg processing.
      • Sanitization: There is no evidence of sanitization for external content before it is processed by the AI or passed to the FFmpeg endpoint.
  • [CREDENTIALS_UNSAFE] (LOW): The skill documentation includes placeholders for YOUR_API_KEY. While not a direct leak, it encourages the storage and transmission of sensitive credentials to a service with a questionable reputation.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 11:05 PM