The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Recommends installing the slopmop Python package using pipx. The package originates from an unverified third-party repository (ScienceIsNeato organization on GitHub), which presents a potential supply chain risk.
[COMMAND_EXECUTION]: The skill relies on executing various shell commands using the sm CLI, such as sm sail, sm swab, and sm refit, which have the capability to modify files and workflow state within the local repository.
[PROMPT_INJECTION]: The command sm buff <PR_NUMBER> is used to ingest and process feedback from Pull Requests. This represents an indirect prompt injection surface where instructions embedded in PR comments could influence the agent's actions during code remediation.
[PROMPT_INJECTION]: Evidence Chain: (1) Ingestion points: Pull Request feedback retrieved via sm buff <PR_NUMBER>. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded prompts are provided in the skill guidelines. (3) Capability inventory: The skill can execute shell commands and perform repository-wide maintenance tasks. (4) Sanitization: The instructions do not specify any validation or sanitization of the content ingested from the PR feedback.

slopmop