agents-langchain

Warn

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: MEDIUM
Finding categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill demonstrates and recommends a 'Calculator' tool implemented with the Python eval() function. eval() runs whatever string the model emits as Python in the agent's own process, with the agent's privileges, so the tool is an arbitrary-code-execution primitive rather than a calculator. The model chooses the input string, and the model's output can be steered by any untrusted text that reaches its context, including documents retrieved through the RAG pipeline this skill is built around.
  • Evidence: Found in SKILL.md (func=lambda x: eval(x)) and references/agents.md (return str(eval(expression))).
  • [COMMAND_EXECUTION]: The documentation introduces and demonstrates the ShellTool, which lets the agent run arbitrary shell commands on the host with the privileges of the agent process. The configuration shown (a bare ShellTool()) places no restriction on which commands run; whatever the model writes is executed.
  • Evidence: Found in references/integration.md (shell = ShellTool() and agent = create_agent(model=llm, tools=[shell])).
  • [REMOTE_CODE_EXECUTION]: The skill demonstrates PythonREPLTool, which executes model-generated Python in a REPL. The REPL is not a sandbox: code run through it has the same access to the filesystem, network and environment variables as the agent process itself.
  • Evidence: Found in references/integration.md (python_repl = PythonREPLTool() and agent = create_agent(model=llm, tools=[python_repl])).
  • [REMOTE_CODE_EXECUTION]: The integration guide demonstrates loading a FAISS vector store with allow_dangerous_deserialization=True. The flag exists because load_local unpickles the stored docstore (index.pkl), and unpickling a file an attacker can modify runs attacker-chosen code at load time. The flag is only acceptable for index files the deployment itself produced and whose integrity is verified before loading; passing it for an index pulled from a shared bucket or a third party turns the index into a code-execution vector.
  • Evidence: Found in references/integration.md in the FAISS loading example.
  • [INDIRECT_PROMPT_INJECTION]: The skill's primary focus is building RAG pipelines, so text from external sources is placed in the model's context by design. Any instructions embedded in that text compete with the developer's prompt, and with the tools listed above a successful injection is not limited to a wrong answer: it can become code execution or a shell command on the host.
  • Ingestion points: Uses WebBaseLoader, PyPDFLoader, DirectoryLoader, and CSVLoader to pull data from external, untrusted sources into the agent's context (found in SKILL.md and references/rag.md).
  • Boundary markers: The code snippets do not delimit retrieved text from instructions (for example, with explicit markers around each retrieved document) or tell the model to treat directives found inside that text as data. Such markers reduce but do not eliminate injection; they are not a substitute for limiting what the tools can do.
  • Capability inventory: The agent is granted high-privilege capabilities, including eval(), ShellTool, and PythonREPLTool, so the consequence of an injection is bounded only by the privileges of the agent process.
  • Sanitization: No evidence of sanitization or validation of retrieved content before it reaches the model, and no validation of tool arguments before they are executed.
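The eval() Calculator finding is the easiest of the four to fix and the most commonly copied pattern. The block below is an added example, not code from the audited skill or from LangChain: it parses the model's input with the ast module and evaluates only an allowlist of arithmetic nodes, so a name, call, attribute or import in the string is rejected rather than executed. The resource limits (MAX_EXPR_LEN, MAX_RESULT_BITS, MAX_FLOAT_EXPONENT) are arbitrary values chosen for this example, and the injection-style inputs in the comments are constructed.

```python
import ast
import operator

# Resource limits (arbitrary example values). An "arithmetic" string can still be a
# denial of service: 9**9**9 never finishes, so work is bounded before it starts.
MAX_EXPR_LEN = 200
MAX_RESULT_BITS = 4096
MAX_FLOAT_EXPONENT = 64


class UnsafeExpression(ValueError):
    """Raised for any input that is not plain arithmetic within the limits."""


def _checked_pow(base, exp):
    # Estimate the size of an integer power before computing it.
    if isinstance(base, int) and isinstance(exp, int) and exp > 0:
        if base.bit_length() * exp > MAX_RESULT_BITS:
            raise UnsafeExpression("result too large")
    elif abs(exp) > MAX_FLOAT_EXPONENT:
        raise UnsafeExpression("exponent too large")
    result = base ** exp
    if isinstance(result, complex):  # e.g. (-8) ** 0.5
        raise UnsafeExpression("non-real result")
    return result


# Allowlisted operators. Anything not in these tables (names, calls, attributes,
# subscripts, comprehensions, lambdas) is rejected before evaluation.
_BIN_OPS = {
    ast.Add: operator.add,
    ast.Sub: operator.sub,
    ast.Mult: operator.mul,
    ast.Div: operator.truediv,
    ast.FloorDiv: operator.floordiv,
    ast.Mod: operator.mod,
    ast.Pow: _checked_pow,
}
_UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}


def _eval_node(node):
    # type() rather than isinstance() so bool (a subclass of int) is excluded
    if isinstance(node, ast.Constant) and type(node.value) in (int, float):
        return node.value
    if isinstance(node, ast.BinOp) and type(node.op) in _BIN_OPS:
        left, right = _eval_node(node.left), _eval_node(node.right)
        return _BIN_OPS[type(node.op)](left, right)
    if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
        return _UNARY_OPS[type(node.op)](_eval_node(node.operand))
    raise UnsafeExpression(f"disallowed syntax: {type(node).__name__}")


def safe_calculate(expression: str) -> str:
    """Evaluate an arithmetic expression without ever calling eval()."""
    if len(expression) > MAX_EXPR_LEN:
        raise UnsafeExpression("expression too long")
    try:
        tree = ast.parse(expression.strip(), mode="eval")
    except SyntaxError as exc:  # statements such as "import os" fail here
        raise UnsafeExpression(f"not an expression: {exc.msg}") from None
    return str(_eval_node(tree.body))


def calculator_tool(expression: str) -> str:
    """Drop-in replacement for func=lambda x: eval(x). Errors are returned as text
    the agent can read instead of raised, so a bad or injected expression shows up
    in the trace without crashing the agent loop."""
    try:
        return safe_calculate(expression)
    except (UnsafeExpression, ArithmeticError) as exc:
        return f"error: {exc}"


if __name__ == "__main__":
    print(calculator_tool("(2 ** 10) - 1"))                 # 1023
    print(calculator_tool("__import__('os').listdir('.')"))  # error: disallowed syntax: Call
    print(calculator_tool("9 ** 9 ** 9"))                    # error: result too large
```

Wire calculator_tool in place of lambda x: eval(x) as the tool's func. The allowlist approach is deliberately the opposite of a denylist over eval(): anything the table does not name cannot run, so there is no string-filter to bypass.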
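For the allow_dangerous_deserialization finding, the check a practitioner wants is that index files are never unpickled unless their origin is known. The block below is an added example, not code from the audited skill or from LangChain: it pins SHA-256 digests of the FAISS index files at build time and refuses to call load_local unless they still match. The file names index.faiss and index.pkl (the default index_name="index" layout) and the langchain_community import path are assumptions about the library's on-disk layout, and the demo writes constructed placeholder bytes rather than a real index so it runs without FAISS installed.

```python
import hashlib
import hmac
import json
import os
import tempfile

# Files FAISS.load_local reads for the default index_name="index" (assumed layout).
# index.pkl is a pickle, which is why the loader demands allow_dangerous_deserialization=True.
INDEX_FILES = ("index.faiss", "index.pkl")


def sha256_file(path: str, chunk: int = 1 << 20) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def write_manifest(index_dir: str, manifest_path: str) -> dict:
    """Run once, at build time, on the host that produced the index. Keep the manifest
    somewhere the consumer trusts (source control, a signed config), never next to the
    index files it protects."""
    digests = {name: sha256_file(os.path.join(index_dir, name)) for name in INDEX_FILES}
    with open(manifest_path, "w", encoding="utf-8") as f:
        json.dump(digests, f, indent=2)
    return digests


def verify_index(index_dir: str, manifest_path: str) -> bool:
    """True only if every index file is present and matches its pinned digest."""
    with open(manifest_path, encoding="utf-8") as f:
        expected = json.load(f)
    for name in INDEX_FILES:
        path = os.path.join(index_dir, name)
        if not os.path.isfile(path):
            return False
        if not hmac.compare_digest(sha256_file(path), expected.get(name, "")):
            return False
    return True


def load_index_if_trusted(index_dir: str, manifest_path: str, embeddings):
    """Gate the dangerous flag behind the integrity check. The import is local so the
    verification code above runs without langchain installed."""
    if not verify_index(index_dir, manifest_path):
        raise RuntimeError("index files do not match pinned digests; refusing to unpickle")
    from langchain_community.vectorstores import FAISS  # assumed import path
    return FAISS.load_local(index_dir, embeddings, allow_dangerous_deserialization=True)


def demo() -> tuple:
    """Constructed scenario: a freshly built index verifies; a tampered index.pkl does not."""
    with tempfile.TemporaryDirectory() as tmp:
        index_dir = os.path.join(tmp, "faiss_index")
        os.mkdir(index_dir)
        # Stand-ins for real index files (constructed bytes, not a real FAISS index)
        with open(os.path.join(index_dir, "index.faiss"), "wb") as f:
            f.write(b"IxFI" + bytes(range(64)))
        with open(os.path.join(index_dir, "index.pkl"), "wb") as f:
            f.write(b"\x80\x04\x95" + b"\x00" * 16)
        manifest = os.path.join(tmp, "index.manifest.json")
        write_manifest(index_dir, manifest)
        clean = verify_index(index_dir, manifest)
        # Someone with write access to the index location replaces the pickle
        with open(os.path.join(index_dir, "index.pkl"), "ab") as f:
            f.write(b"tampered")
        tampered = verify_index(index_dir, manifest)
    return clean, tampered


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The manifest must reach the consumer over a channel the attacker cannot also write to, otherwise pinning adds nothing. Where the source documents are still available, rebuilding the index at deploy time avoids shipping a pickle at all and removes the need for the flag.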
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 20, 2026, 07:13 AM
Security Audit — agent-trust-hub — agents-langchain