skill-claw
Fail
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation and setup scripts frequently pipe remote shell scripts directly into a shell (e.g., 'curl | bash'). Sources include the vendor domain (openclaw.ai), well-known services (NodeSource, Tailscale, Atuin), and the author's own GitHub repository.
- [COMMAND_EXECUTION]: The instructions command the agent to perform privileged system operations using sudo, manage system services via systemd and launchctl, and modify critical system configuration files including SSH and firewall settings.
- [COMMAND_EXECUTION]: Persistence mechanisms are established through the installation of background services that auto-start on login or boot, and the modification of user shell profiles (.zshrc) to load external plugins and environment settings.
- [EXTERNAL_DOWNLOADS]: Multiple documentation files reference downloading binaries and configuration files from external domains such as openclaw.ai, gogcli.sh, and nodesource.com.
- [PROMPT_INJECTION]: There is an indirect prompt injection surface as the agent is instructed to ingest and act upon data from external sources—such as system logs, Google Drive search results, and cloud provider metadata—without explicit boundary markers or input sanitization.
- [COMMAND_EXECUTION]: A security safety gate hook (hooks/sysadmin-safety-gate.sh) is provided to monitor and block potentially destructive bash commands, such as recursive deletion of system paths or unsafe port exposure, acting as a defensive layer against accidental or malicious misuse.
Recommendations
- HIGH: Downloads and executes remote code from: https://deb.nodesource.com/setup_22.x, https://openclaw.ai/install.sh, https://tailscale.com/install.sh - DO NOT USE without thorough review