skills/tenequm/skills/skill-factory/Gen Agent Trust Hub

skill-factory

Fail

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: HIGH

Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/install-skill-seekers.sh automates the cloning of an external repository from a non-trusted GitHub user (yusufkaraaslan/Skill_Seekers) and proceeds to execute its setup script (setup_mcp.sh) and install dependencies (pip install). This mechanism facilitates the execution of arbitrary remote code from an unverified source.
  • [EXTERNAL_DOWNLOADS]: The skill relies on fetching third-party software from an unverified GitHub account at runtime to provide its core functionality. This behavior is documented in references/skill-seekers-integration.md and implemented in scripts/install-skill-seekers.sh.
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell scripts and the subprocess module to manage external tools. Specifically, references/skill-seekers-integration.md demonstrates the execution of a documentation scraper with parameters derived from user-provided URLs, which increases the risk of command injection.
  • [PROMPT_INJECTION]: The skill has a high vulnerability surface for indirect prompt injection (Ingestion: references/request-analysis.md). It ingests data from untrusted documentation sites and repositories without boundary markers (Boundaries: Absent). The skill has the capability to execute subprocesses and write files (Capabilities: references/skill-seekers-integration.md, references/quality-loops.md). No sanitization of the external content is performed before it is processed by the agent (Sanitization: Absent).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 9, 2026, 08:18 AM