The Agent Skills Directory

[COMMAND_EXECUTION]: The skill is designed to execute shell commands using the instagram-cli utility to manage Instagram direct messages, including reading threads, sending responses, and downloading media.
[PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection. Ingestion points: Untrusted data enters the agent context via instagram-cli inbox and instagram-cli read in SKILL.md. Boundary markers: The instructions lack delimiters or explicit warnings to the agent to ignore instructions embedded within the retrieved message text. Capability inventory: The agent can perform impactful actions including instagram-cli send, reply, unsend, and file-system writes via the --download flag. Sanitization: No sanitization or validation of the retrieved message content is described before the agent processes or responds to it. This configuration allows external content from Instagram DMs to potentially influence the agent's behavior.

instagram-skill