The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Recommends fetching a binary from an external GitHub repository not identified as a trusted source.
Evidence: modules/detection.md suggests downloading from https://github.com/Ataraxy-Labs/sem/releases/latest/download/sem-x86_64-unknown-linux-gnu.
[REMOTE_CODE_EXECUTION]: Instructs the agent to download, grant execution permissions, and run a third-party binary, bypassing standard package management verification.
Evidence: modules/detection.md uses curl followed by chmod +x on the downloaded sem binary.
[COMMAND_EXECUTION]: Provides instructions for installing third-party software using system package managers (cargo, brew).
Evidence: modules/detection.md lists cargo install --locked sem-cli and brew install sem-cli.
[PROMPT_INJECTION]: The skill processes git diff output, creating a surface for indirect prompt injection if the files being diffed contain malicious instructions.
Ingestion points: modules/fallback.md and SKILL.md read output from git diff and sem diff commands.
Boundary markers: Absent; the patterns do not include delimiters or instructions for the agent to ignore instructions embedded within the diff content.
Capability inventory: The skill uses git, grep, rg, and system package managers.
Sanitization: Absent; the skill does not perform validation or escaping of the diff data before processing.

sem-integration