The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses dynamic context injection in SKILL.md to execute a shell command during the skill loading phase. This command checks for the presence of opencli and runs its doctor diagnostic, which may start a background process. Evidence: ! (command -v opencli && opencli doctor 2>&1 | head -5 && echo "READY" || echo "SETUP_NEEDED") 2>/dev/null || echo "NOT_INSTALLED".
[PROMPT_INJECTION]: The skill's primary function is to ingest and display content from Twitter/X, an untrusted external source. This creates a surface for indirect prompt injection where malicious tweets could attempt to influence the agent's behavior. 1. Ingestion points: Data is pulled from Twitter timelines, search results, and user profiles via the opencli tool. 2. Boundary markers: There are no specific delimiters or instruction-isolation markers used when presenting Twitter data to the agent. 3. Capability inventory: The skill utilizes shell command execution to interact with opencli. 4. Sanitization: No sanitization of the external content is performed before it is added to the agent's context.
[EXTERNAL_DOWNLOADS]: The instructions direct the user to download and install a global NPM package (@jackwener/opencli) and a manual Chrome extension from a third-party GitHub repository. Evidence: README.md and SKILL.md recommend npm install -g @jackwener/opencli and downloading the extension from github.com/jackwener/opencli/releases.

twitter-reader