fabric-patterns

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external data (web URLs, YouTube transcripts, and local files) as input to AI patterns. Ingestion points: fabric -u [URL], fabric -y [URL], and content piped via cat or echo. Boundary markers: None. Capability inventory: Shell execution (fabric, cat, etc.), file writing (-o), and network access (scraping). Sanitization: No sanitization or escaping of external content is performed before processing.
  • [COMMAND_EXECUTION]: The skill relies on executing the 'fabric' CLI tool and various shell utilities (cat, echo, pbpaste, mkdir, rm, mv) with arguments constructed from user input. This includes creating temporary pattern files in ~/.config/fabric/patterns/ and executing them.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from the web, YouTube, and Spotify via the 'fabric' tool. It also instructs the user to install the tool from a remote GitHub repository using go install and update patterns using fabric -U.
  • [DATA_EXFILTRATION]: The skill facilitates reading local files or clipboard content and sending that data to external LLM providers (via the fabric tool) for analysis. While this is the intended use-case, users should be aware of the data flow to remote services.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 03:29 AM