dosu
Fail
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The `SKILL.md` file instructs the agent to offer a remote installation command (`curl -fsSL https://raw.githubusercontent.com/dosu-ai/dosu-cli/main/install.sh | sh`) if the `dosu` CLI is not present. While this pattern executes remote code, the URL belongs to the vendor's official organization (dosu-ai), and the skill explicitly requires the agent to wait for user confirmation before execution.
- [EXTERNAL_DOWNLOADS]: The skill performs downloads from the vendor's GitHub repository for installation and interacts with various external APIs (GitHub, GitLab, Confluence, Notion, Coda) to import and sync documentation.
- [COMMAND_EXECUTION]: The skill's primary functionality relies on executing shell commands via the `dosu` CLI, including querying knowledge bases, managing team members, and modifying documents.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources.
  - Ingestion points: Conversation threads from Slack and GitHub, and document imports from platforms like Notion, Confluence, and Coda are ingested into the agent's context in `SKILL.md` and `references/workflows.md`.
  - Boundary markers: There are no specific instructions or delimiters mentioned to isolate or escape content from these external sources to prevent the agent from following embedded instructions.
  - Capability inventory: The skill possesses significant capabilities, including the ability to write/edit documentation (`dosu docs create/update`), invite team members (`dosu members invite`), and publish content to external repositories (`dosu docs publish`).
  - Sanitization: No sanitization or validation logic is specified for the data retrieved from external integrations.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/dosu-ai/dosu-cli/main/install.sh - DO NOT USE without thorough review
Audit Metadata