autonomous-loops

Fail

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides a command to download and execute a script from a remote URL directly in the user's shell: curl -fsSL https://raw.githubusercontent.com/AnandChowdhary/continuous-claude/HEAD/install.sh | bash. This pattern allows an external source to execute arbitrary code on the local system.
  • [EXTERNAL_DOWNLOADS]: The skill references and downloads code from a GitHub repository (AnandChowdhary/continuous-claude) that is not associated with the skill author or a trusted organization.
  • [COMMAND_EXECUTION]: The described automation patterns rely heavily on executing shell commands for repository management, git operations, and CI/CD interactions (e.g., gh pr create, gh run view), which significantly increases the impact of a potential compromise of the autonomous loop.
  • [PROMPT_INJECTION]: The skill documents architectures for autonomous agents that ingest untrusted external data, creating a surface for indirect prompt injection.
      • Ingestion points: The agents read and process specification files (e.g., specs/component-spec.md), RFC documents, and external CI logs retrieved via the gh run view command.
      • Boundary markers: The provided implementation patterns do not include any explicit boundary markers or instructions to the LLM to ignore potentially malicious embedded instructions in the processed data.
      • Capability inventory: The agents possess extensive capabilities, including modifying the filesystem, committing and pushing code to git, and interacting with GitHub PRs and workflows.
      • Sanitization: There is no evidence of sanitization, escaping, or validation of the external content before it is interpolated into agent prompts.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/AnandChowdhary/continuous-claude/HEAD/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Mar 22, 2026, 07:34 AM