job-auto-apply

Fail

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: HIGH
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains explicit instructions to override standard agent safety protocols by directing the user to run the agent with the "--dangerously-skip-permissions" flag and instructing the agent to operate with "full autonomy" and "never stop" without user confirmation.
  • [COMMAND_EXECUTION]: The setup process includes commands that request elevated privileges ("sudo apt-get install") to install system dependencies like LibreOffice and Xvfb.
  • [COMMAND_EXECUTION]: The skill implements a persistence mechanism by programmatically modifying the system's crontab to schedule recurring, unattended execution of the job application agent.
  • [COMMAND_EXECUTION]: Multiple local scripts and system binaries (LibreOffice, Node.js) are executed as part of the primary workflow to generate documents and validate application materials.
  • [EXTERNAL_DOWNLOADS]: The README documents a standard installation procedure for the Claude Code CLI tool using a remote script from "claude.ai", which is a well-known service.
  • [DATA_EXFILTRATION]: The skill's architecture relies on reading sensitive local files, including "secrets.md" for account credentials and "user-profile.md" for detailed personal and work authorization information, which are then used to populate external web forms during the application process.
  • [COMMAND_EXECUTION]: Various ATS-specific handlers (e.g., Oracle, Taleo) utilize the "browser_evaluate" tool to execute dynamically constructed JavaScript within the browser environment to interact with complex web components.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted job description text from external websites and uses this data to influence its internal reasoning, resume tailoring logic, and responses to screening questions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://claude.ai/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 9, 2026, 06:30 PM