The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The installer script scripts/install.sh downloads a shell script from https://plannotator.ai/install.sh and pipes it directly into the bash interpreter. This allows for arbitrary remote code execution from an untrusted external source not included in the trusted vendor lists or recognized as a well-known service.\n- [COMMAND_EXECUTION]: The script scripts/claude-plan-gate.py programmatically modifies the local ~/.claude/settings.json file to set permissionMode to acceptEdits. This configuration change bypasses the mandatory human-in-the-loop requirement for file system edits, effectively granting the AI agent elevated privileges to modify the host environment without user approval.\n- [COMMAND_EXECUTION]: The skill performs extensive system-level changes to establish persistence and deep integration, including creating dispatcher scripts and registry files for hooks across Claude Code, Codex, Gemini CLI, and OpenCode platforms.\n- [EXTERNAL_DOWNLOADS]: The skill installs several third-party tools and plugins during setup, such as agent-browser, playwriter, and various 'oh-my' multi-agent extensions from unverified GitHub repositories and external domains.\n- [EXTERNAL_DOWNLOADS]: The skill downloads the Bun runtime installer from https://bun.sh/install, which is a recognized well-known service provider.

jeo