The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes a custom bash script mac-optimize.sh to perform a deep audit of the macOS system, including process lists, disk status, and power settings.\n- [CREDENTIALS_UNSAFE]: The script uses ps aux to audit running processes. This can expose sensitive credentials or tokens if they are passed as command-line arguments. The developer has implemented a redact function using sed to mask common secret keywords, though this heuristic approach may not capture all sensitive data formats.\n- [DATA_EXFILTRATION]: The skill collects detailed system metadata, including active network connection counts, names of login items, and third-party launch agents. This data is exposed to the AI agent context for analysis. No automated external data transmission was detected in the skill's code.\n- [PROMPT_INJECTION]: The skill processes untrusted system output (such as process names and file paths) and provides it to the AI agent, creating an indirect prompt injection surface.\n
Ingestion points: System audit results from ps, ls, and netstat in the mac-optimize.sh script.\n
Boundary markers: The SKILL.md does not employ specific delimiters or instructions to ignore embedded commands when the agent processes the script's output.\n
Capability inventory: The skill is configured with the Bash tool, which allows for further system modification based on the analysis.\n
Sanitization: Heuristic redaction is used for secret masking, but no specific sanitization is applied to prevent the agent from interpreting malicious strings embedded in process or file metadata.

mac-optimizer