Teambition

The skill manages Teambition integration via an MCP server and uses shell commands (echo, grep, cut) in SKILL.md to read and write configuration data and user IDs to local files. These instructions lack input sanitization, creating a potential shell injection vulnerability if the agent handles malicious user-provided URLs or IDs. Additionally, the skill requires 'npx' and manages authentication tokens in local files, which are high-risk capabilities that, while plausible for the stated purpose, require careful handling to prevent exploitation.