The Agent Skills Directory

[DATA_EXFILTRATION] (HIGH): The skill instructs the agent to read and display sensitive configuration files.
Evidence: cat .env | grep -v "^#" | grep -v "^$" in SKILL.md exposes all environment variables, including potentially hardcoded secrets, to the agent context.
Evidence: echo $CLAUDE_CODE_OAUTH_TOKEN | head -c 20 logs the beginning of a sensitive authentication token.
[COMMAND_EXECUTION] (HIGH): The skill contains commands that escalate privileges or modify system-wide settings.
Evidence: Multiple uses of sudo (e.g., sudo apt install, sudo npm install) which grant root access.
Evidence: echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc modifies the user's shell configuration, which is a persistence and command-hijacking vector.
[EXTERNAL_DOWNLOADS] (LOW): The skill performs downloads from trusted external sources.
Evidence: npm install -g @anthropic-ai/claude-code installs a package from the trusted @anthropic-ai organization.
Evidence: Links to Visual Studio Build Tools on visualstudio.microsoft.com (Microsoft is a trusted organization).
[DATA_EXFILTRATION] (LOW): Performs network requests to external API endpoints that may involve tokens.
Evidence: curl -H "Authorization: Bearer $OPENAI_API_KEY" https://api.openai.com/v1/models transmits an API key to a remote host.
[CREDENTIALS_UNSAFE] (LOW): Contains placeholder credential strings.
Evidence: export CLAUDE_CODE_OAUTH_TOKEN="your-token-here" in SKILL.md.

auto-claude-troubleshooting