The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The scripts/vad.py script uses torch.hub.load to download and execute code from a third-party GitHub repository (snakers4/silero-vad) at runtime for voice activity detection.
[CREDENTIALS_UNSAFE]: The skill programmatically retrieves sensitive API keys and tokens (OPENAI_API_KEY, HF_TOKEN) from the user's 1Password vault via the op CLI in scripts/transcribe.sh and scripts/vad.py.
[COMMAND_EXECUTION]: The workflow performs numerous shell operations across fifteen different scripts, including system-level hardware management via udisksctl mount in scripts/find-recordings.sh and extensive use of external binaries like ffmpeg, rclone, and youtubeuploader.
[EXTERNAL_DOWNLOADS]: The scripts/download-gdrive.sh script uses gdown to download content from arbitrary Google Drive URLs provided as input to the workflow.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted audio transcripts and uses them to generate summaries and action items. Since the agent has the capability to write to the vault and access the network, instructions embedded in recorded speech could potentially trigger unintended actions.
[COMMAND_EXECUTION]: In scripts/transcribe.sh, the skill can execute a user-provided Python binary via the OBSIDIAN_VAD_VENV environment variable, which constitutes dynamic execution from a computed path.

transcribe-meeting