computer-use

Warn

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The setup-vnc.sh script executes multiple high-privilege commands using sudo to install system packages, create systemd service units in /etc/systemd/system/, and modify the /usr/bin/xfdesktop system binary. These actions establish persistence and provide the skill with deep system integration.
  • [COMMAND_EXECUTION]: The VNC server configuration (specifically in vnc_start.sh) initializes x11vnc with the -nopw flag, disabling password authentication. While it attempts to bind to the loopback interface, any misconfiguration or reuse of this pattern could expose the entire desktop environment to unauthorized remote control.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the Google Chrome stable package from a well-known source (dl.google.com) and installs it via dpkg. This is documented as a neutral dependency installation for the intended browser automation functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes arbitrary content from the virtual desktop without safety boundaries.
      • Ingestion points: Screen content is captured via screenshot.sh and returned to the agent for interpretation.
      • Boundary markers: None. The agent receives raw visual data which may contain adversarial instructions from websites or documents opened in the virtual environment.
      • Capability inventory: The skill possesses significant capabilities, including administrative system modification via sudo and full user-level automation via xdotool and xfce4-terminal.
      • Sanitization: There is no validation or sanitization of the content displayed on screen before it is processed by the agent's vision model.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 29, 2026, 04:27 PM
Security Audit — agent-trust-hub — computer-use