The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes shell commands via the gen-ai CLI tool. In render-director.md, the command gen-ai upload-to-drive <slug>/explainer.mp4 --name "<the title>" incorporates an agent-generated title string. This pattern is vulnerable to command injection if the title contains shell metacharacters and the execution environment does not perform adequate sanitization.
[PROMPT_INJECTION]: The skill provides an 'auto mode' that bypasses standard human-in-the-loop approval gates. This mode is triggered by phrases such as 'yolo' or 'no checks'. While documented as a feature, it grants the agent high autonomy to spend significant amounts of user credits (estimated 1500-3000) without explicit confirmation of the intermediate creative artifacts.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during its automated research phase.
Ingestion points: WebSearch and WebFetch tools are used in research-director.md to retrieve content from the internet.
Boundary markers: There are no specific delimiters or instructions to ignore embedded commands within the fetched web data.
Capability inventory: The skill can execute shell commands through the gen-ai CLI and perform filesystem writes to project directories.
Sanitization: There is no evidence of escaping or validation performed on the external data before it influences the script and scene generation.
[EXTERNAL_DOWNLOADS]: The research-director.md file mandates the use of WebSearch and WebFetch to gather information from various online sources to ground the video's factual claims.
[DATA_EXFILTRATION]: The skill includes built-in functionality to upload local project files and generated media to a remote storage service (Google Drive) via the gen-ai upload-to-drive command.

gen-ai-explainer