skills/jimmylv/bibigpt-skill/bibi/Gen Agent Trust Hub

bibi

Fail

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill's setup routine in scripts/bibi-check.sh and installation guide in references/installation.md recommend installing the CLI tool by piping a remote script from the vendor's domain directly to the shell using curl -fsSL https://bibigpt.co/install.sh | bash.
  • [COMMAND_EXECUTION]: The skill utilizes several shell commands across its workflows to facilitate operations. This includes executing Python snippets for URL encoding (python3 -c 'import urllib.parse...'), managing clipboard content via pbcopy and xclip for note export, and writing generated summaries directly to the local directory at ~/Documents/bibigpt-notes/. It also includes a command to install the skill body into the local agent configuration.
  • [PROMPT_INJECTION]: The skill handles untrusted external data in the form of video transcripts, creating a vulnerability surface for indirect prompt injection.
      • Ingestion points: Video subtitles are retrieved from the api.bibigpt.co endpoint and processed by the agent in workflows such as workflows/article-rewrite.md.
      • Boundary markers: The skill lacks explicit delimiters or specific instructions to the agent to disregard potential commands embedded within the fetched video content.
      • Capability inventory: The skill has the ability to execute shell commands and write to the local file system, making it a high-impact target for successful injections.
      • Sanitization: No sanitization or validation of the retrieved transcript text is described before it is integrated into prompt construction.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests downloading and installing the @alipay/agent-payment package from NPM to support automated per-call payments in specific regions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://bibigpt.co/install.sh - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 13, 2026, 04:43 PM