convos-agent

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the @xmtp/convos-cli package from the NPM registry. This is a core component provided by the technology vendor for platform interaction.
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell commands to manage messaging, identities, and group administration. It provides Bash 'bridge scripts' that utilize coproc and jq to create a real-time communication loop between the agent and the messaging CLI.
  • [PROMPT_INJECTION]: The skill contains instructions that could be interpreted as behavioral overrides, such as 'These aren't suggestions' and 'Tell people they can shape your behavior by talking to you,' which may influence how the agent responds to user input.
  • [PROMPT_INJECTION]: (Indirect Prompt Injection) The skill creates a significant attack surface by processing untrusted data from an external messaging network.
      • Ingestion points: Untrusted message content is received via the stdout stream of 'convos agent serve', as documented in the bridge script templates in SKILL.md.
      • Boundary markers: The provided bridge scripts do not implement boundary markers or instructions to isolate or ignore commands embedded in the incoming message content.
      • Capability inventory: The agent has access to powerful administrative commands, including add-members, remove-members, and the explode command for permanent conversation destruction.
      • Sanitization: No sanitization, escaping, or validation is performed on the message data before it is interpolated into the agent's processing logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 08:45 AM