skills/aiden0z/skills/repo-bug-audit/Gen Agent Trust Hub

repo-bug-audit

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill recommends installing and executing companion skills from unverified third-party GitHub repositories (e.g., 'obra/superpowers', 'sickn33/antigravity-awesome-skills', 'sanyuan0704/code-review-expert', 'ailabs-393/ai-labs-claude-skills') using the npx -y skills add command as described in 'references/related-skills.md'. This allows for the download and execution of unvetted instructions and scripts in the agent's environment.
  • [COMMAND_EXECUTION]: The skill relies on local script execution and shell commands for its core functions. 'SKILL.md' and 'references/workflow.md' instruct the agent to execute bundled Python scripts (scripts/init_bug_workspace.py, scripts/generate_bug_index.py, scripts/validate_bug_package.py) and standard tools such as rg, find, and zip on the host system.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it is designed to read and analyze untrusted code from external repositories.
      • Ingestion points: Data from target repositories is read into the context during analysis phases (Phase 1 and 2 in 'references/workflow.md').
      • Boundary markers: The skill uses standard Markdown code blocks for evidence in 'references/bug-schema.md', which provides insufficient isolation for untrusted content.
      • Capability inventory: The skill has capabilities to write files and execute shell commands/scripts.
      • Sanitization: No explicit sanitization or filtering of the repository data is performed before processing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 6, 2026, 10:09 AM