
hive-create-task

Fail

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill dynamically generates and executes shell scripts (prepare.sh and eval/eval.sh) during the 'Test & Iterate' phase (Phase 5). This behavior allows for arbitrary command execution on the host system if the generated script content is influenced by malicious user input or untrusted data.
  • [REMOTE_CODE_EXECUTION]: The documentation and troubleshooting sections suggest that prepare.sh is intended to download external data or dependencies (e.g., via curl or wget). The execution of these scripts in Phase 5.1 (bash prepare.sh) constitutes a remote code execution risk, especially since the skill does not verify the integrity or source of the downloaded content.
  • [CREDENTIALS_UNSAFE]: In Phase 6.3b, the skill requests an administrative key (HIVE_ADMIN_KEY) from the user and subsequently passes it as a plaintext command-line argument (--admin-key <key>) to the hive CLI tool. This is a dangerous pattern for credential management as it can expose secrets in process lists, shell history, and system logs.
  • [PROMPT_INJECTION]: The skill functions as a factory for agent instructions, taking user input to populate the program.md template. This creates an Indirect Prompt Injection surface where malicious instructions can be embedded in the task definition to override the behavior of downstream agents that ingest the generated repo.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 5, 2026, 10:29 PM