product-changelog

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a platform-specific CLI tool, infsh, to perform tasks such as image generation and browsing. These commands are executed within a restricted environment defined by the allowed-tools frontmatter field, which limits Bash execution to the infsh command set.
  • [EXTERNAL_DOWNLOADS]: The skill references an external installation guide for the CLI tool located at https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md. It also suggests using npx to add related skills from the inference-sh repository. These are standard practices for the intended ecosystem.
  • [DYNAMIC_EXECUTION]: The skill uses the infsh app run command to execute various remote AI models (e.g., falai/flux-dev-lora, infsh/agent-browser). This is the intended functional design of the platform for generating product visuals and performing automated tasks.
  • [INDIRECT_PROMPT_INJECTION]: As a tool designed to format and summarize product updates, there is a theoretical surface for indirect prompt injection if it processes untrusted data (like commit messages or PR descriptions). However, the skill provides static templates and does not contain exploitable logic that would escalate this risk beyond a standard usage scenario.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 08:02 AM