pp-ufo-goat
Warn
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of external tools from non-standard sources. It uses `npx -y @mvanhorn/printing-press` and `go install` from a GitHub repository (github.com/mvanhorn/printing-press-library). While these resources are associated with the author's vendor identity, they involve downloading and executing remote code during the setup phase.
- [DATA_EXFILTRATION]: The CLI used by this skill supports a `--deliver webhook:<url>` flag. This capability allows the output of any command—including search results, metadata, or synced data—to be POSTed to an arbitrary external URL. In an agentic context, this could be leveraged to exfiltrate information from the user's environment to a remote server.
- [COMMAND_EXECUTION]: The CLI supports a `--deliver file:<path>` flag, which enables writing command output directly to a specified file path. This provides a mechanism for arbitrary file writes on the local system.
- [DATA_EXFILTRATION]: The skill includes a `feedback` command that can be configured to automatically send data to a remote endpoint (`UFO_FEEDBACK_ENDPOINT`). While disabled by default, the capability exists within the tool's logic.
- [COMMAND_EXECUTION]: The skill utilizes a `which` command that takes natural language input to resolve CLI capabilities. This creates a surface where unstructured user input directly influences the specific subcommand executed by the agent.
Audit Metadata