The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/response_io.py uses subprocess.run() to execute other scripts. This is a functional design choice to handle large API responses by delegating execution and persisting output to disk. The implementation uses a list of arguments and shell=False (default), which mitigates command injection risks. Additionally, it includes path sanitization for labels and ensures the target script exists before execution.
[PROMPT_INJECTION]: The skill possesses a standard indirect prompt injection surface as it processes data from the Temu marketplace.
Ingestion points: scripts/ehunt_temu_store_query.py retrieves data from the Nexscope API gateway.
Boundary markers: The skill instructions guide the agent to format the output into a structured table.
Capability inventory: The skill has file-writing capabilities and the ability to execute its internal scripts via subprocess.run().
Sanitization: While the code includes some input parsing, there is no explicit sanitization of external store-provided strings before they are presented to the agent, which is common for data-querying skills.
[EXTERNAL_DOWNLOADS]: The skill fetches store data from the Nexscope proxy gateway (NEXSCOPE_PROXY_BASE). This endpoint is a vendor-owned resource managed by nexscope-ai and is essential for the skill's core functionality.

temu-store-query