raycast-alfred
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (findings tagged COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (LOW): Detected a potential indirect prompt injection surface in the Raycast bash script example.
  - Ingestion point: The '$PROJECT' variable is populated directly from the shell argument '$1'.
  - Boundary markers: None present in the provided snippet.
  - Capability inventory: The script executes the 'code' command (VS Code) using the unsanitized input.
  - Sanitization: No input validation or escaping is performed, which could allow shell injection if a malicious project name is provided.
- [EXTERNAL_DOWNLOADS] (LOW): The documentation includes instructions to install the '@raycast/api' package via npm.
  - Context: While '@raycast/api' is the standard library for the intended purpose, the organization is not on the predefined trusted list. The severity is kept at LOW because the package is essential for the skill's primary purpose and is a well-known developer tool.
Audit Metadata