1password
Warn
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates shell operations using `tmux send-keys` in background sessions, which can obscure automated command execution from the user's immediate oversight.
- [CREDENTIALS_UNSAFE]: The workflow relies on `tmux capture-pane` to retrieve terminal output. This process is highly likely to ingest sensitive information, such as vault lists or plaintext secrets, directly into the agent's context and conversation history.
- [COMMAND_EXECUTION]: Examples within the skill suggest using the `--no-masking` flag with `op run`, which intentionally disables the 1Password CLI's security feature that redacts secrets from standard output streams.
- [EXTERNAL_DOWNLOADS]: The skill includes instructions and metadata to install the 1Password CLI through Homebrew, pointing to official and reputable software distribution channels.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by reading raw terminal output. Ingestion points: terminal history retrieved via `tmux capture-pane` in `SKILL.md`. Boundary markers: Absent. Capability inventory: Arbitrary shell command execution via `tmux` and `brew`. Sanitization: Absent.
Audit Metadata