The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted data from web search engines and WHOIS records. This data directly influences the agent's validation logic and shell command parameters.\n * Ingestion points: Web search results and WHOIS registry data.\n * Boundary markers: None present to distinguish between instructions and data.\n * Capability inventory: Bash tool, WebSearch tool, and WebFetch tool.\n * Sanitization: No sanitization logic is described for processing external domain strings or WHOIS fields.\n- [COMMAND_EXECUTION]: The skill executes bash commands by interpolating the {domain} variable directly into a shell string: whois {domain} | grep .... Because the domain variable may be derived from untrusted web search results, an attacker could potentially provide a malicious domain string containing shell metacharacters to achieve command injection.

domain-discovery