The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs the user to download and run a Docker image from a personal GitHub Container Registry: ghcr.io/tiancheng91/miloco-backend:dev. Running unverified containers can lead to arbitrary code execution within the host environment.
[DATA_EXFILTRATION]: Although the skill claims to use a local Miloco backend, the client script scripts/camera_client.py is hardcoded to fetch camera snapshots from an external domain: http://micam.appsvc.net. This sends sensitive private camera imagery to a third-party server not controlled by the user or the official camera manufacturer.
[CREDENTIALS_UNSAFE]: The documentation encourages users to save their 6-digit access password in plaintext within shell configuration files (e.g., echo 'export MILOCO_PASSWORD="..."' >> ~/.zshrc). This makes the credentials accessible to any local process or user on the system.
[COMMAND_EXECUTION]: The script uses the urllib module to perform unencrypted HTTP requests to external servers and uses the pathlib module to create directories and write files to the local filesystem based on remote data.
[REMOTE_CODE_EXECUTION]: While not directly executing remote scripts, the requirement to run a Docker image provided by the author (ghcr.io/tiancheng91/...) effectively grants the author the ability to run arbitrary code on the user's infrastructure.

xiaomi-cam-snapshot