skills/notdp/hive/gang-worker/Gen Agent Trust Hub

gang-worker

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill mandates the execution of 'python3 -m pip install -e . --break-system-packages' and 'npx skills add "$PWD" -g --all'. These commands perform persistent system-level changes and bypass standard environment protections (PEP 668) designed to prevent system package corruption.
  • [REMOTE_CODE_EXECUTION]: The skill retrieves task artifacts from an orchestrator agent ('orch') and proceeds to install and register that code. This creates a functional chain for executing code provided by external sources, which could be malicious.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8). It ingests untrusted artifact data from the 'orch' agent (Ingestion point: SKILL.md) and interpolates it into the system environment via the mandatory refresh step (Capability: pip/npx execution). There are no boundary markers or sanitization steps documented to prevent malicious instructions within the received artifacts from triggering unintended system actions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 6, 2026, 12:27 PM