skills/nexu-io/open-design/last30days/Gen Agent Trust Hub

last30days

Fail

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses system utilities to access sensitive local storage.
      • Evidence: In scripts/lib/chrome_cookies.py, it executes security find-generic-password -w -s "Chrome Safe Storage" to retrieve the encryption key from the macOS Keychain.
      • Evidence: In scripts/lib/setup_wizard.py, it executes brew install yt-dlp to install external dependencies at runtime.
  • [DATA_EXFILTRATION]: The skill extracts private authentication tokens from local browser files.
      • Evidence: scripts/lib/chrome_cookies.py, scripts/lib/safari_cookies.py, and scripts/lib/cookie_extract.py contain logic to copy and parse SQLite or binary cookie databases for Chrome, Safari, and Firefox to harvest session tokens for external APIs.
  • [CREDENTIALS_UNSAFE]: The skill contains a hardcoded functional Bearer token for the Twitter/X web application.
      • Evidence: Found in scripts/lib/vendor/bird-search/lib/twitter-client-base.js.
  • [PROMPT_INJECTION]: The skill ingests a large volume of untrusted content from social media platforms, creating an indirect prompt injection surface.
      • Ingestion points: Social media posts and transcripts are fetched in reddit.py, bird_x.py, youtube_yt.py, tiktok.py, and instagram.py.
      • Boundary markers: Defensive tags (<untrusted_content>) are used in scripts/lib/rerank.py, and safety warnings are included in scripts/lib/render.py.
      • Capability inventory: The skill possesses network access (http.py) and subprocess execution capabilities (scripts/lib/subproc.py).
      • Sanitization: Content is processed via HTML stripping and length truncation in scripts/lib/normalize.py before being sent to an LLM.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from various third-party services and package registries.
      • Evidence: Network requests are made to api.scrapecreators.com, gamma-api.polymarket.com, api.github.com, and openrouter.ai to retrieve research data.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 9, 2026, 03:46 AM