supermemory-search
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Node.js script (`search-memory.cjs`) via the Bash tool. The command pattern `node "${CLAUDE_PLUGIN_ROOT}/scripts/search-memory.cjs" "USER_QUERY_HERE"` involves interpolating user-provided search terms directly into a shell command, which creates a surface for command injection if the input is not properly escaped by the execution environment.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8).
  1. Ingestion points: User-supplied queries and the output of the search script containing past memory data in `SKILL.md`.
  2. Boundary markers: No delimiters or instructions to ignore embedded commands are present for either the input query or the script's output results.
  3. Capability inventory: The skill utilizes the Bash tool (restricted to `node` commands).
  4. Sanitization: No sanitization or validation of the input query or the retrieved data is specified.

  This allows potentially malicious content stored in coding memories to influence the agent's future behavior.
Audit Metadata