tradingview-reader

Warn

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses dynamic context injection (the !`command` syntax) within the SKILL.md file to execute shell commands during the skill loading phase. This is used to check the local installation status of opencli and the TradingView plugin.
  • [EXTERNAL_DOWNLOADS]: The instructions require the user to install a global Node.js package @jackwener/opencli and a separate plugin hosted on GitHub at github.com/himself65/finance-skills.
  • [DATA_EXFILTRATION]: The skill accesses sensitive session information by retrieving cookies from the TradingView application using the Storage.getCookies command via the Chrome DevTools Protocol. While intended for authenticated data retrieval, this represents a significant data access capability.
  • [PROMPT_INJECTION]: The skill displays external data, such as news headlines and screener results, which creates a surface for indirect prompt injection. The current implementation lacks explicit boundary markers or delimiters to separate this untrusted data from the agent's instructions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 10, 2026, 09:50 AM