building-inferencesh-apps

Fail

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides installation commands that fetch scripts from remote servers and pipe them to the shell for execution.
    • Evidence:
      • Fetches the platform CLI script from https://cli.inference.sh in SKILL.md.
      • Downloads installation scripts for the uv tool from https://astral.sh in references/cli.md.
      • Instructs the use of setup scripts for fnm from https://fnm.vercel.app and nvm from https://raw.githubusercontent.com in references/cli.md.
  • [COMMAND_EXECUTION]: Several CLI commands and shell scripts are recommended for configuring the development environment and managing the application lifecycle.
    • Evidence:
      • The Windows installation command for uv utilizes powershell -ExecutionPolicy ByPass to run a remote script.
      • Multiple infsh CLI commands are used for initializing projects, testing locally, and deploying to the cloud.
  • [PROMPT_INJECTION]: The skill defines an application architecture that processes external user data, creating a surface for potential indirect prompt injection attacks.
    1. Ingestion points: The AppInput and RunInput models defined in inference.py and inference.js accept arbitrary text strings as input (e.g., prompt field).
    2. Boundary markers: While the skill uses structured data schemas (Zod/Pydantic) to isolate input fields, the examples do not demonstrate the use of LLM-level delimiters to prevent instruction injection within the strings.
    3. Capability inventory: Applications built with this skill have capabilities to read and write to the filesystem via the File class, make network requests to AI service providers (OpenAI, HuggingFace), and interact with Google Workspace data via OAuth integrations.
    4. Sanitization: Inputs undergo schema-based type validation via Pydantic or Zod, but the content of these inputs is not sanitized for malicious instructions that could influence LLM behavior.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 30, 2026, 07:42 PM
Security Audit — agent-trust-hub — building-inferencesh-apps