shellcheck
Warn
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: MEDIUM
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands such as find, shellcheck, and cat to locate and analyze scripts. It specifically instructs the agent to use sudo apt-get and sudo snap for installation, which means acquiring administrative privileges to modify system state.
- [EXTERNAL_DOWNLOADS]: Fetches the ShellCheck binary from the official GitHub repository releases (koalaman/shellcheck) to provide the core functionality.
- [REMOTE_CODE_EXECUTION]: Downloads a binary from an external URL and installs it into /usr/local/bin using a pipeline of curl and tar. This method bypasses standard package managers and executes third-party code as a system utility.
- [PROMPT_INJECTION]: The skill processes untrusted local data as part of its workflow.
  * Ingestion points: Reads every file ending in .sh found via the find command and processes its content via stdin.
  * Boundary markers: No delimiters or ignore instructions are used when passing script content to the analyzer.
  * Capability inventory: Uses subprocess calls to execute shellcheck on the discovered files.
  * Sanitization: No sanitization or validation of the script content is performed prior to analysis.
  This ingestion creates a surface where malicious comments or code patterns in processed scripts could influence agent behavior.
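The REMOTE_CODE_EXECUTION finding above describes a curl-and-tar pipeline that writes a downloaded binary straight into /usr/local/bin, with no integrity check mentioned between download and install. The script below is an added example written for this audit page, not code from the audited skill or from the ShellCheck project; it shows the download-then-verify-then-install pattern that avoids that gap. Assumptions: the release asset URL layout (`shellcheck-vX.Y.Z.linux.x86_64.tar.xz` under the koalaman/shellcheck releases) is taken from the GitHub release page and should be checked there; the expected SHA-256 is supplied by the operator out of band; the version string and destination directory are arbitrary parameters. Only the verification and extraction functions touch the filesystem; `download_release` is not run unless called.

```shell
#!/usr/bin/env sh
# Added example (not from the audited skill): verify a release tarball's SHA-256
# before anything in it is extracted or placed on PATH.
set -eu

# sha256_of FILE -> prints the hex SHA-256 digest (coreutils sha256sum, or shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_sha256 FILE EXPECTED_HEX -> exit 0 on match, 1 on mismatch.
verify_sha256() {
    actual=$(sha256_of "$1")
    [ "$actual" = "$2" ]
}

# download_release VERSION DEST_FILE
# Saves the tarball to disk instead of piping it into tar, so it can be hashed first.
# The URL pattern is an assumption to confirm against the GitHub release page.
download_release() {
    version=$1
    dest=$2
    url="https://github.com/koalaman/shellcheck/releases/download/v${version}/shellcheck-v${version}.linux.x86_64.tar.xz"
    curl --proto '=https' --tlsv1.2 -fsSL -o "$dest" "$url"
}

# install_verified_tarball TARBALL EXPECTED_HEX DEST_DIR
# Refuses to extract when the digest does not match; otherwise copies the
# `shellcheck` binary found inside the archive into DEST_DIR with mode 0755.
install_verified_tarball() {
    tarball=$1
    expected=$2
    destdir=$3
    if ! verify_sha256 "$tarball" "$expected"; then
        echo "checksum mismatch for $tarball; refusing to install" >&2
        return 1
    fi
    tmp=$(mktemp -d)
    # GNU tar and bsdtar auto-detect the compression (xz for real releases) on read.
    tar -xf "$tarball" -C "$tmp"
    bin=$(find "$tmp" -type f -name shellcheck | head -n 1)
    if [ -z "$bin" ]; then
        echo "no shellcheck binary inside $tarball" >&2
        rm -rf "$tmp"
        return 1
    fi
    mkdir -p "$destdir"
    cp "$bin" "$destdir/shellcheck"
    chmod 0755 "$destdir/shellcheck"
    rm -rf "$tmp"
}

# Typical use (not executed here): pin a version, download, then install only if the
# operator-supplied digest matches.
#   download_release "0.10.0" /tmp/shellcheck.tar.xz
#   install_verified_tarball /tmp/shellcheck.tar.xz "$EXPECTED_SHA256" /usr/local/bin
```

The point of separating `download_release` from `install_verified_tarball` is that a `curl ... | tar` pipeline gives tar no chance to reject a tampered or truncated archive before files land in a PATH directory; writing to disk first costs one temp file and makes the digest check possible. Pinning the version also keeps an agent from silently picking up whatever "latest" resolves to on a given day.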
Audit Metadata