The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The script scripts/douyin_similar_account.py contains logic to programmatically search for and parse sensitive system configuration files to extract the REDFOX_API_KEY. It targets files including ~/.zshrc, ~/.bashrc, ~/.bash_profile, and ~/.profile. On Windows, it attempts to read from the Registry path HKEY_CURRENT_USER\Environment. Automated parsing of global shell environment files is a high-risk pattern as it exposes all environment variables to the script.
[COMMAND_EXECUTION]: The skill requires the execution of a local Python script scripts/douyin_similar_account.py to perform its core logic, which includes file system access and network operations.
[EXTERNAL_DOWNLOADS]: The skill performs network requests to the vendor's API at https://redfox.hk/story/api/dyUser/querySimilarAccounts and https://redfox.hk/story/api/dyUser/syncUserNotes to fetch and synchronize social media account data.
[PROMPT_INJECTION]: The SKILL.md file includes instructions that strictly constrain the agent's behavior, specifically commanding it to 'display the script output as is, verbatim' and 'prohibit any summaries, rewrites, or extra comments'. This could be used to force the agent to output malicious payloads contained in external data without applying its standard safety or summarization filters.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data (Douyin account signatures, nicknames, and video titles) from the RedFox API and interpolates them directly into the agent's output context without sanitization or boundary markers.

douyin-similar-account