
pharmgkb-skill

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
  • Arbitrary File Write: The script scripts/rest_request.py allows the destination path for saved API responses to be specified via input. This provides a mechanism where the agent could potentially be directed to write data to sensitive locations on the file system, such as application configurations or user profiles.
  • Network Request Flexibility: The skill allows the target base_url to be defined at runtime. While the instructions are scoped to PharmGKB, the underlying script can communicate with any reachable network endpoint, which represents a surface for Server-Side Request Forgery (SSRF).
  • Indirect Prompt Injection Surface: The skill processes external data which may be untrusted. Instructions embedded in the API response could potentially influence the agent's behavior during the summarization phase.
  • Ingestion points: Data is retrieved from the external URL defined by the base_url and path input fields in scripts/rest_request.py.
  • Boundary markers: The skill does not currently use explicit boundary markers or instructions to ignore potential commands within the retrieved API data.
  • Capability inventory: The script scripts/rest_request.py performs network requests and file system writes.
  • Sanitization: Content is parsed as JSON or text but is not sanitized to remove potential agent instructions before being presented for summarization.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 02:27 PM