github-dns-helper

Fail

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The Python script 'scripts/fix_github_dns.py' is vulnerable to command injection in the 'fetch_single_host' and 'fetch_hosts' functions. It utilizes 'subprocess.run(shell=True)' to execute 'curl' commands where the target URL is interpolated directly from the '--urls' command-line argument without sanitization. An attacker could provide a malicious URL containing shell metacharacters to execute arbitrary code on the system.
  • [COMMAND_EXECUTION]: The skill instructions in 'SKILL.md' encourage users to perform dangerous privilege escalation by executing 'sudo chown' and 'sudo chmod' on the system '/etc/hosts' file. This operation permanently weakens the machine's security by allowing the agent or other unprivileged processes to modify critical network mappings without further authentication.
  • [EXTERNAL_DOWNLOADS]: The script is configured to download host mapping files from several third-party repositories on GitHub and the JSDelivr CDN. Applying unverified network configurations from external third parties can lead to DNS hijacking or the redirection of sensitive traffic to malicious servers.
  • [COMMAND_EXECUTION]: The script performs multiple system operations using 'shell=True', including flushing DNS caches and pinging domains. While these specific commands are mostly static, the pervasive use of shell execution with 'subprocess.run' increases the overall attack surface of the skill.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 22, 2026, 02:15 PM