technical-blog-writing
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides a link to an external installation script at https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md. This script is hosted on the vendor's repository and is required for setting up the CLI environment.
- [COMMAND_EXECUTION]: The skill frequently uses the infsh CLI tool to run specific applications for searching, image generation, and social media posting. Execution is correctly scoped in the frontmatter to only allow infsh commands.
- [REMOTE_CODE_EXECUTION]: Includes a Python script intended to be executed via the infsh/python-executor app for generating charts. The script is provided as a static block within the skill body.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes untrusted data from the exa/search tool without defining strict boundary markers or sanitization logic.
  - Ingestion points: Tool output from the exa/search application.
  - Boundary markers: Absent; search results are directly processed by the agent.
  - Capability inventory: Tool execution (infsh), network access (via social media posting tools), and image generation.
  - Sanitization: No explicit filtering or validation of search content is present.