The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/bootstrap_env.py executes numerous system commands for environment discovery and tool installation. It invokes system-level package managers including brew, apt-get, dnf, yum, pacman, zypper, winget, and choco to install tools like git, node, java, and maven.
[PRIVILEGE_ESCALATION]: The skill attempts to modify the system hosts file (/etc/hosts or C:\Windows\System32\drivers\etc\hosts). If the file is not directly writable, the script attempts to use sudo cp to apply changes, which requires the environment to have passwordless sudo configured for the current user.
[EXTERNAL_DOWNLOADS]: The skill performs multiple external downloads by triggering package installations through npm, pipx, and sdkman. It installs the pre-commit package and custom vendor CLI tools (eliteforge-poseidon-cli, eliteforge-qingtui-cli).
[CREDENTIALS_UNSAFE]: The script programmatically reads and modifies sensitive configuration files, specifically ~/.npmrc and ~/.pip/pip.conf. These files often contain plaintext or hashed authentication tokens. While the script intended purpose is to configure registry mirrors (e.g., at nexus.cisdigital.cn), automated modification of these files carries a risk of accidentally exposing or corrupting stored credentials.
[DATA_EXPOSURE]: The skill reads and modifies global Git configuration settings, including identity information (user.name, user.email). It also scans the local file system (specifically skills/eliteforge-*/SKILL.md) to discover and report on environment variables.

eliteforge-agent-must-known