base64-encoding

Fail

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to utilize several powerful shell utilities, including openssl, xxd, python3, node, and perl. These tools are capable of system-level operations if misconfigured or provided with malicious input parameters.
  • [EXTERNAL_DOWNLOADS]: The skill documents procedures for fetching external data using curl and wget. Although the provided examples use placeholder domains (example.com), the capability to download and process remote content is a fundamental component of the skill's utility.
  • [PROMPT_INJECTION]: The skill is designed to process and decode untrusted data (e.g., API responses and JWT payloads), creating a surface for indirect prompt injection where malicious instructions could be embedded in encoded content.
  • Ingestion points: Remote API responses via curl, local file reads, and string-based decoding of JWT segments.
  • Boundary markers: There are no delimiters or specific 'ignore instructions' warnings implemented to ensure the agent does not interpret decoded data as behavior-altering commands.
  • Capability inventory: The skill uses dynamic code execution methods (python3 -c, node -e) that could be leveraged if an attacker provides a payload that escapes the intended transformation logic.
  • Sanitization: No input validation, escaping, or output sanitization is present in the provided templates.
Recommendations
  • HIGH: Downloads and executes remote code from: https://example.com/release.sha256 - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 14, 2026, 01:23 AM