custom-sub-agents

Warn

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: MEDIUM
Finding categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The file references/01-agent-folder-structure.md contains a Python example (DataProcessorAgent) that calls pandas.eval() to add DataFrame columns from expression strings taken from an options object. pandas.eval() parses and executes the string it is given, so any expression that reaches it from an untrusted source (a user-supplied agent configuration, a tool call, a file on disk) is executed as code. Transformations should be hard-coded or selected from a fixed, declared set rather than passed in as expression strings.
  • [REMOTE_CODE_EXECUTION]: Both references/07-project-organization.md and references/08-integration-deployment.md show dynamic module loading with require() on a computed path (e.g., require(path.resolve(file))). path.resolve() normalises "../" segments but does not confine the result to any directory, and an absolute path resolves to itself, so a value influenced by external input can point require() at any readable file on the host, which Node then executes at load time. Loaders of this kind should resolve against a fixed base directory and reject any result that falls outside it.
  • [EXTERNAL_DOWNLOADS]: An example in references/01-agent-folder-structure.md fetches data from URL endpoints supplied at runtime using the requests library. If an agent built from this template lets users choose the endpoint URL, the agent's network position can be abused for Server-Side Request Forgery (SSRF) against internal services and cloud metadata endpoints, or to exfiltrate data to an attacker-controlled host. Endpoints should be checked against an allowlist of schemes and hostnames before any request is made.
  • [COMMAND_EXECUTION]: The references/04-testing-tools.md file provides a reporting utility example that launches a Puppeteer browser instance with the --no-sandbox and --disable-setuid-sandbox flags. The Chromium sandbox is what contains a compromised renderer process; with it disabled, a renderer exploit triggered by malicious HTML or JavaScript in a rendered report runs with the full privileges of the host user. These flags are usually added to let Chromium run as root inside a container; the safer fix is to run the browser as an unprivileged user and keep the sandbox enabled.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 28, 2026, 07:34 AM
Security Audit — agent-trust-hub — custom-sub-agents