The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs the user to install an external MCP server from the author's domain using the command npx -y mcp-remote@latest https://research.yigitkonur.com/mcp --allow-http. This configures the agent to execute code provided by a remote endpoint.\n- [COMMAND_EXECUTION]: The instructions mandate the use of curl via Bash as a fallback when primary research tools are denied. This encourages the agent to use general-purpose shell execution to circumvent platform-level tool restrictions.\n- [COMMAND_EXECUTION]: The multi-agent orchestrator instructions require launching sub-agents with mode: "bypassPermissions". This setting is intended to allow autonomous operations without individual user approval for each tool execution, which reduces human oversight of the agent's actions.\n- [PROMPT_INJECTION]: The skill contains 'never stop' instructions, explicitly telling the agent: 'Never stop because a tool was denied', 'Do NOT stop — exhaust all available approaches', and 'Do NOT stop working if a tool is denied'. These are instructions to bypass or disregard security constraints imposed by the execution environment.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of scraping untrusted data from the open web and Reddit.\n
Ingestion points: The scrape-links tool is used extensively to fetch content from external URLs in SKILL.md and references/tools.md.\n
Boundary markers: No boundary markers or 'ignore' instructions are used to separate fetched untrusted data from the agent's internal instructions.\n
Capability inventory: The skill utilizes shell access (curl), sub-agent orchestration, and broad network access (web-search).\n
Sanitization: There is no evidence of validation or sanitization of the content retrieved before it is processed by the agent or passed to sub-agents.

run-research