The Agent Skills Directory

[DATA_EXFILTRATION]: The Python script scripts/cn_last30days.py is configured to read API credentials from a specific configuration file located at ~/.qoder/apis/redfox.json. Accessing credential files within the user's home directory is noted as a sensitive data read operation. The retrieved keys are transmitted to the vendor's API endpoint at https://redfox.hk.
[COMMAND_EXECUTION]: The SKILL.md workflow includes instructions for the agent to execute the open command on the locally generated HTML research report file to present it to the user.
[PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted data from multiple social media platforms.
Ingestion points: External data is fetched from Xiaohongshu, Douyin, and WeChat via the RedFox API within scripts/cn_last30days.py.
Boundary markers: The instructions do not define specific delimiters to separate untrusted content from agent instructions.
Capability inventory: The agent is granted access to the Bash, Write, and WebSearch tools.
Sanitization: The Python script implements basic HTML entity escaping (e.g., replacing < and > characters) when constructing the HTML report, which provides a layer of protection against script injection in the viewer.

cn-last30days