The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill provides instructions to install a tool called 'Caveman' by downloading a shell script from a remote GitHub repository and piping it directly into a shell interpreter. Specifically, it uses curl ... | bash for Linux/macOS and irm ... | iex for Windows. This pattern allows the owner of the remote repository to execute arbitrary code on the user's system without prior verification.\n- [EXTERNAL_DOWNLOADS]: The skill fetches installer scripts from an external, non-authoritative source: https://raw.githubusercontent.com/JuliusBrussee/caveman/main/install.sh and install.ps1. This introduces a dependency on a third-party account that is not verified as a trusted vendor or the skill author.\n- [COMMAND_EXECUTION]: The skill documents the use of various CLI tools (agy, kiro-cli, rtk, git) and instructs the agent to perform directory creation and file copying (mkdir, cp) within the user's home directory and application data folders.\n- [DATA_EXFILTRATION]: The skill includes instructions to interact with an external service at https://cognee1995.coteccons.vn for 'AgentMemory' storage and retrieval. This involves sending data (facts, decisions, context) over the network to an external server using an authorization bearer token.

orca-dispatch-reference