fiftyone-issue-triage
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): In Step 1, the skill ingests untrusted data (title, body, comments) from the 'voxel51/fiftyone' repository via the 'gh' CLI. This data is the primary source for 'keyword' extraction in subsequent steps.
- [Command Execution] (MEDIUM): The extracted 'keyword' is interpolated into shell commands including 'gh issue list', 'git log', and 'grep' (Steps 2 and 5). The skill has no boundary markers or sanitization logic, so an attacker could craft an issue that results in a keyword containing shell metacharacters (e.g., semicolons, pipes, or backticks), potentially leading to arbitrary command execution in the agent's environment.