genericagent-self-evolving-ai-agent

Fail

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: CRITICAL
Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill's primary installation instructions command users to download and execute scripts from an untrusted domain (fudankw.cn) using bash -c and PowerShell's iex. This pattern allows for arbitrary code execution from a remote source without inspection.
      • Evidence: bash -c "$(curl -fsSL http://fudankw.cn:9000/files/ga_install.sh)" in SKILL.md
      • Evidence: irm http://fudankw.cn:9000/files/ga_install.ps1 | iex in SKILL.md
  • [COMMAND_EXECUTION]: The framework provides "9 Atomic Tools" that grant the agent full system-level control, specifically "Terminal Execution" and "Python REPL". This allows the agent to execute any shell command or Python script on the host machine.
      • Evidence: Descriptions of tools for terminal and Python execution in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The skill references and encourages the use of various external resources from unverified domains and repositories outside of established trusted organizations.
      • Evidence: Downloads from http://fudankw.cn:9000 and repository cloning from https://github.com/lsdefine/GenericAgent.git.
  • [PROMPT_INJECTION]: The skill features high-privilege capabilities (file read/write, terminal access) while also performing "Autonomous Web Data Collection" and mobile device control. Processing untrusted content from the web or third-party apps alongside system-level tools creates a high risk of indirect prompt injection attacks where malicious data can trick the agent into executing dangerous commands.
      • Ingestion points: Web browsing, ADB mobile control, Gmail monitoring.
      • Boundary markers: None identified in instructions.
      • Capability inventory: Shell access, Python REPL, file system write, screenshot vision.
      • Sanitization: Not explicitly mentioned in the agent configuration or instructions.
  • [COMMAND_EXECUTION]: The skill encourages the use of powershell -ExecutionPolicy Bypass, which circumvents local security policies and allows for the execution of unsigned scripts.
Recommendations
  • HIGH: Downloads and executes remote code from: http://fudankw.cn:9000/files/ga_install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: May 16, 2026, 10:21 PM