neta-creative
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation instructs the agent to use `npx -y @talesofai/neta-skills@latest` to execute various commands. This pattern downloads and runs code from the NPM registry at runtime. As the package is owned by the skill's author, this is the intended delivery mechanism for the vendor's tools and is considered safe in this context.
- [DATA_EXFILTRATION]: The `upload` command is designed to read files from the local filesystem and upload them to the vendor's remote servers (Neta API/OSS). This behavior is a core functionality for media creation skills and is described clearly in the documentation.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the `read_collection` command, which retrieves user-generated or platform-stored content to influence the agent's planning and generation.
  - Ingestion points: Data is ingested through the `read_collection` command (documented in references/collection-remix.md) which fetches preset descriptions and execution planning from the Neta API.
  - Boundary markers: The instructions do not specify any delimiters or safety warnings to distinguish the retrieved external data from the agent's internal instructions.
  - Capability inventory: Across its scripts, the skill can perform file uploads (`upload`), generate images (`make_image`), videos (`make_video`), and songs (`make_song`).
  - Sanitization: There is no evidence of sanitization or validation for the data returned by the `read_collection` tool before it is used to influence subsequent generation steps.