opencli-autofix

Warn

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements a self-repair loop where it modifies local JavaScript/TypeScript adapter files using the Edit and Write tools and immediately executes them via the opencli command. This dynamic code modification and execution cycle is a high-risk pattern as it executes code generated by the agent during the same session.
  • [DATA_EXFILTRATION]: The skill contains instructions to file GitHub issues on the 'jackwener/OpenCLI' repository using the gh CLI. This involves sending error messages, site names, and summaries of code changes to a public repository. While the skill instructs the agent to ask for user permission before filing the issue, this represents a structured path for technical data to leave the local environment.
  • [INDIRECT_PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external websites (DOM snapshots and network request logs) to diagnose failures. This data directly influences the code patches generated by the agent. There are no explicit instructions or boundary markers telling the agent to ignore instructions that might be embedded in the website's content.
  • [EXTERNAL_DOWNLOADS]: The skill references external dependencies including the opencli tool and the gh GitHub CLI. It specifically mentions importing packages from the @jackwener/opencli scope during adapter patching.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 3, 2026, 06:55 PM