political-struggle-history
Pass. Audited by VirusTotal on May 12, 2026.
Findings (1)
The skill is classified as suspicious due to the combination of allowing the `Bash` tool and a critical prompt injection vulnerability in `SKILL.md`. The instruction '如果脚本执行报错,使用 Bash 工具中的 `allowed-tools` 权限直接运行并排查问题' (If the script execution errors, use the `Bash` tool's `allowed-tools` permission to directly run and troubleshoot the problem) explicitly directs the AI agent to use `Bash` for debugging in case of script failure. This creates a significant attack surface where a malicious user could intentionally cause the `scripts/search_views.py` script to fail and then, through prompt injection, guide the agent to execute arbitrary shell commands under the guise of 'troubleshooting'. While the `search_views.py` script itself appears to perform legitimate web searches using the Tavily API (requiring `TAVILY_API_KEY`), the broad `Bash` permission and the debugging instruction introduce a high-risk vulnerability.
