api-provider-setup

Warn

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The sync-agent-auth.sh script is vulnerable to command injection. It accepts a --provider command-line argument and inserts it directly into a Python command string via shell interpolation without sanitization, which could allow for arbitrary code execution if the script is invoked with a maliciously crafted provider name.
  • [DATA_EXFILTRATION]: The skill and its script manage sensitive local configuration files, specifically ~/.openclaw/openclaw.json and auth-profiles.json. These files contain API keys for various AI providers. While the access is consistent with the skill's purpose of synchronizing credentials, it involves the programmatic handling and exposure of sensitive data stored in the local file system.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 27, 2026, 05:10 PM