opencli-universal-cli-hub

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires installing the core @jackwener/opencli package from NPM and a browser extension from GitHub Releases. Although these are presented as prerequisites, they involve downloading and running code from external repositories that are not controlled by the vendor.
  • [REMOTE_CODE_EXECUTION]: The opencli plugin install command supports installing and executing code directly from any GitHub repository (github:username/repo) or NPM organization. This allows for the dynamic introduction of unvetted logic into the agent's environment.
  • [COMMAND_EXECUTION]: The opencli external register feature allows the agent to wrap and execute any local binary (e.g., gh, docker, kubectl) through the OpenCLI interface. This effectively grants the agent the ability to run arbitrary system commands if it is instructed to register dangerous tools.
  • [PROMPT_INJECTION]: As a web automation and scraping tool, the skill creates a significant surface for Indirect Prompt Injection (Category 8). It ingests untrusted data from websites (via the extract, state, or network commands) and presents it to the agent; malicious website content could contain instructions designed to manipulate the agent's subsequent actions.
  • [DYNAMIC_EXECUTION]: The skill provides an eval command for browser sessions, allowing the execution of arbitrary JavaScript within the context of the user's browser tabs. Additionally, the adapter framework relies on executing local JavaScript files (index.js) to handle site-specific automation logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 18, 2026, 03:49 PM