social-card-gen

Warn

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill relies on the command npx ai-social, which downloads and executes code from the public npm registry. Since the 'LXGIC Studios' publisher and the ai-social package are not recognized as trusted entities, this pattern constitutes unverified remote code execution.
  • [EXTERNAL_DOWNLOADS]: The execution of the npx command triggers an automatic download of the package from the external npm repository.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from local markdown files to generate social media posts.
      * Ingestion points: The skill reads local files (e.g., README.md, blog-post.md) provided as command-line arguments.
      * Boundary markers: No markers or safety instructions are present to differentiate the input text from the agent's instructions.
      * Capability inventory: The skill uses the npx execution capability to transform and rewrite input data.
      * Sanitization: There is no evidence of sanitization, validation, or filtering of the content within the processed files.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 16, 2026, 05:28 PM