The Agent Skills Directory

[COMMAND_EXECUTION] (HIGH): The skill provides instructions for the agent to run shell commands using the ddgr tool. The recommended usage pattern ddgr --noua --np --json "search query" is highly susceptible to shell command injection if the agent interpolates user input directly into the string without rigorous escaping. An attacker could use a query like "; rm -rf / # to execute arbitrary commands.\n- [PROMPT_INJECTION] (HIGH): This skill presents a significant Indirect Prompt Injection surface (Category 8). It ingests untrusted external content from the internet (search results) into the agent's context. There are no boundary markers or instructions to ignore embedded commands in results. An attacker who can influence search result snippets could inject malicious instructions that the agent might subsequently execute.\n- [EXTERNAL_DOWNLOADS] (LOW): The skill relies on an external binary ddgr which must be installed via brew or pip. While jarun/ddgr is a reputable open-source project, the installation of third-party binaries is a minor risk factor.

ddgr