ecomseer

Fail

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions in SKILL.md include a hardcoded authentication token test-local-token-2026 within the Authorization header for requests targeting the deep research service.
  • [DATA_EXFILTRATION]: The skill is instructed to transmit the user's sensitive ECOMSEER_API_KEY to an external third-party domain deepresearch.admapix.com during the 'Deep Research' process. This domain is not identified as a trusted or well-known service, and the vendor context does not establish a link between the author and this domain.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute complex shell script loops in SKILL.md to poll for research results. This involves using curl to fetch data and processing it with shell utilities like grep and cut, which can be risky if the remote input is not properly handled.
  • [REMOTE_CODE_EXECUTION]: Automated scanning detected a pattern where remote data from https://deepresearch.admapix.com/research/{task_id} is downloaded and subsequently processed in a shell execution context within the polling loop.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from both the EcomSeer API and the third-party research framework while possessing command execution capabilities.
      • Ingestion points: Data enters the context via curl requests in SKILL.md and referenced API documentation.
      • Boundary markers: Absent. There are no instructions to delimit or ignore instructions within the fetched data.
      • Capability inventory: curl (network access), openclaw config set (local configuration modification).
      • Sanitization: Absent. The skill directly presents summaries and reports from external sources without validation or filtering.
Recommendations
  • HIGH: Downloads and executes remote code from: https://deepresearch.admapix.com/research/{task_id} - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 10, 2026, 03:16 AM