pp-pagliacci

Warn

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and installs the pagliacci-pp-cli tool using npx from the @mvanhorn/printing-press package and via go install from the github.com/mvanhorn/printing-press-library repository.
  • [DATA_EXFILTRATION]: The CLI tool provides a --deliver webhook:<url> flag that allows the agent to send command outputs, which may contain sensitive order history or delivery addresses, to an arbitrary external URL.
  • [DATA_EXFILTRATION]: Supports a feedback mechanism that can transmit data to a remote server defined by the PAGLIACCI_FEEDBACK_ENDPOINT environment variable.
  • [COMMAND_EXECUTION]: Requires the installation and execution of a custom binary (pagliacci-pp-cli) to interact with the pizza service.
  • [CREDENTIALS_UNSAFE]: The auth login --chrome command is designed to extract sensitive authentication cookies directly from the user's Google Chrome browser session.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the Pagliacci API (such as menus and order history) that is subsequently processed by the agent, creating a surface for indirect prompt injection.
  • Ingestion points: Data from store list, menu cache, and orders list enter the agent context via SKILL.md instructions.
  • Boundary markers: Absent; the skill does not use delimiters to isolate external data from instructions.
  • Capability inventory: Executes shell commands via the Read and Bash tools.
  • Sanitization: Absent; API responses are passed to the agent without filtering or validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 8, 2026, 06:04 PM