Replicate Automation

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE

Finding tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Configures access to an external MCP server at https://rube.app/mcp, which is the official endpoint for the Composio integration platform associated with the skill's source.
  • [COMMAND_EXECUTION]: Implements a suite of tools (e.g., REPLICATE_MODELS_PREDICTIONS_CREATE, REPLICATE_MODELS_GET) that perform API-driven actions on the Replicate platform.
  • [DATA_EXFILTRATION]: Includes the REPLICATE_CREATE_FILE tool, which allows the agent to send base64-encoded file content to Replicate's servers; while functional for model inputs, it represents a path for external data movement.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection, where malicious instructions could be embedded in data processed by AI models.
      ◦ Ingestion points: Untrusted data enters the agent context through the input field of the REPLICATE_MODELS_PREDICTIONS_CREATE tool defined in SKILL.md.
      ◦ Boundary markers: The tool definition lacks explicit markers or delimiters to differentiate between data and instructions in the provided model inputs.
      ◦ Capability inventory: The skill can execute network requests to the Replicate API and upload binary data via base64 strings.
      ◦ Sanitization: There is no evidence of input sanitization or validation performed on the model-specific input object.
  • [NO_CODE]: The skill consists only of documentation and tool interface definitions in SKILL.md, with no local scripts or executable code provided in the skill package.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 05:46 AM