FRED-Navigator

The skill instructs the AI agent to execute local Python scripts (`scripts/fred_query.py`) with user-provided inputs (e.g., `category_id`, `series_id`) as outlined in `SKILL.md`. This creates a significant shell injection vulnerability if the agent constructs and executes these commands directly via a shell without proper sanitization, potentially allowing arbitrary code execution. While the Python script itself uses `argparse` for input, the agent's method of execution is the critical point of risk. Additionally, `scripts/fred_query.py` modifies the default SSL context, which is a minor flag.