se-dev-script

Warn

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The Prepare.bat script downloads an installation script for the uv tool from https://astral.sh/uv/install.ps1 and a busybox.exe executable from https://frippery.org/files/busybox/busybox64u.exe. While astral.sh is a well-known source for Python tooling, frippery.org is an external domain used to host BusyBox binaries for Windows.
  • [COMMAND_EXECUTION]: The skill performs several system-level operations during its preparation phase.
      • Prepare.bat queries the Windows Registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 244850) to locate the game's installation path.
      • It uses mklink /J to create directory junctions for SteamScripts and LocalScripts, connecting the skill folder to the game's Workshop and AppData directories.
      • run_prepare.sh and Prepare.bat execute shell commands to synchronize the Python environment using uv sync and manage file cleanup.
      • The skill provides the agent with the ability to run various UNIX-like commands through busybox.exe and specialized search operations via Python scripts.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from the Space Engineers Workshop.
      • Ingestion points: Content is read from Script.cs files within the SteamScripts/ and LocalScripts/ directories by index_scripts.py.
      • Boundary markers: Absent. The search results generated by search_scripts.py output raw code snippets directly into the agent's context without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill allows for shell command execution (via BusyBox) and Python script execution, which could be abused if the agent obeys instructions found within the indexed scripts.
      • Sanitization: Absent. The indexing and search processes do not filter or sanitize the source code content for potential malicious instructions or prompt injection patterns.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 28, 2026, 10:19 PM