skill-system-gate
Warn
Audited by Socket on Apr 11, 2026
1 alert found:
Anomaly (LOW)
scripts/gate_validate.py
This module itself is not overtly malicious (no obfuscated payloads, no hardcoded credentials, no reverse shell code). However, it deliberately executes arbitrary shell commands and external scripts specified in an external YAML file, using bash -lc for command rules, which allows full shell escape. If the rule YAML or repository files are untrusted, an attacker can cause arbitrary code execution, exfiltration, or filesystem/network damage. Treat rule files and repository content as highly privileged input; run this tool only with trusted rules and in isolated/sandboxed environments (CI agents with limited privileges).
Confidence: 90%
Severity: 60%