The Agent Skills Directory

[COMMAND_EXECUTION]: The skill relies on the execution of the one CLI tool on the host system to perform all operations, including searching and executing API calls.- [DATA_EXFILTRATION]: The skill interacts with and retrieves 'connection keys' (e.g., conn_abc123) which serve as authentication tokens for sensitive platforms like Gmail and HubSpot. While this is the intended function, it represents a data exposure surface if the agent is manipulated into leaking these keys.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It is designed to ingest and follow instructions from external API documentation ('knowledge') and search results provided by third-party platforms. * Ingestion points: External data enters the context via one --agent actions search and one --agent actions knowledge in SKILL.md. * Boundary markers: No explicit instructions or delimiters are used to warn the agent to ignore instructions embedded in the API responses or documentation. * Capability inventory: The skill has significant capabilities, including the ability to execute write-actions (POST/PUT/PATCH) on 200+ connected platforms through one --agent actions execute. * Sanitization: There is no evidence of sanitization or filtering of the content returned from external APIs before it is processed by the agent.

one-actions