skills/knoopx/pi/nu/Gen Agent Trust Hub

nu

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of the ^ prefix to execute external system commands from within the Nushell environment (e.g., ^ls, ^df, ^git). It specifically provides patterns for dynamic command execution using string interpolation, such as ^$"($cmd)" ...$args in references/system.md. This pattern allows for the construction of command lines from variables, which presents a command injection risk if the variables are derived from untrusted user input or external data.
  • [EXTERNAL_DOWNLOADS]: The documentation includes instructions for the http get command to fetch structured data (JSON, CSV, XML) from remote URLs. Examples in references/parsing.md and references/scripts.md demonstrate fetching data from external endpoints, which is a standard feature for data processing but introduces a dependency on remote content integrity.
  • [PROMPT_INJECTION]: The skill defines a large surface area for indirect prompt injection because its primary purpose is to read and process untrusted data from external files and URLs.
      • Ingestion points: External data enters the context via open (files), http get (network), and input (interactive prompts).
      • Boundary markers: The provided documentation examples do not demonstrate the use of delimiters or specific instructions to the agent to ignore embedded commands in the processed data.
      • Capability inventory: The skill provides access to system-level operations including subprocess execution (^), file system writes (save), and network requests (http get).
      • Sanitization: While the documentation focuses on data transformation and filtering, it does not provide specific guidance on sanitizing untrusted content to prevent malicious instructions from influencing the agent's behavior.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Jun 27, 2026, 05:57 PM