
Skill: read (verdict: Warn)

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: MEDIUM
Categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/fetch.sh uses npx --yes agent-fetch to download and execute code from the npm registry at run time. This pattern executes unpinned remote code without a confirmation prompt.
  • [EXTERNAL_DOWNLOADS]: The skill sends user-requested URLs to the external services defuddle.md and r.jina.ai for content extraction. It also uses curl to fetch arbitrary data from the web, including images and PDF files.
  • [COMMAND_EXECUTION]: The skill relies on various system tools and CLI utilities, including pdftotext, marker_single, gh, and playwright. It also executes shell commands for parallel data processing, such as downloading images with curl.
  • [EXTERNAL_DOWNLOADS]: Documentation in references/read-methods.md instructs users to install multiple third-party dependencies and binaries, such as playwright, marker-pdf, and poppler.
  • [PROMPT_INJECTION]: The skill processes untrusted web content, which presents a surface for indirect prompt injection.
    • Ingestion points: External URLs and PDFs fetched in scripts/fetch.sh, scripts/fetch_feishu.py, and scripts/fetch_weixin.py.
    • Boundary markers: Absent; fetched content is displayed without delimiters or instructions to ignore embedded commands.
    • Capability inventory: Includes file writing to ~/Downloads/, network operations via curl, and execution of various local tools.
    • Sanitization: None; external content is converted to Markdown and provided directly to the agent without escaping or validation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 15, 2026, 08:52 PM