chart-craft-plus

Warn

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructions specify running npx getdesign@latest add <slug> to fetch brand design tokens. This command downloads and executes the latest version of an external package from the npm registry at runtime, which represents a remote code execution vector from an unverified source.
  • [COMMAND_EXECUTION]: The skill employs several shell commands to manage files and preview output, including mkdir -p to create local directories, cd to change the working directory, and open to launch the generated HTML file in the user's default browser.
  • [EXTERNAL_DOWNLOADS]: The use of npx involves downloading external assets or packages from a remote repository during the 'Brand Style Extension' workflow, which occurs outside of the skill's local files.
  • [PROMPT_INJECTION]: The skill processes untrusted user input (descriptions and chart data) to generate HTML and CSS. While instructions advise the agent not to use JavaScript, the lack of explicit sanitization or boundary markers (such as 'ignore embedded instructions' warnings) for the interpolated user content creates a surface for indirect prompt injection or cross-site scripting (XSS) in the generated file.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 16, 2026, 11:34 AM