npm-git-install

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for using sudo to change the ownership of system-level directories (/usr/local/lib/node_modules) and to install system packages. Recommending privilege escalation for development tasks is a high-risk practice.
  • [REMOTE_CODE_EXECUTION]: The skill guides the agent through the npm install flow for Git repositories, explicitly noting that this process automatically executes the repository's prepare script. This enables the execution of arbitrary, unverified code from an external source upon installation.
  • [EXTERNAL_DOWNLOADS]: The skill promotes downloading and installing software from an unknown third-party GitHub repository (github.com/JEO-tech-ai/supercode.git) that is not part of a trusted organization or well-known service.
  • [CREDENTIALS_UNSAFE]: The documentation includes instructions for embedding Personal Access Tokens (PAT) directly into URLs (e.g., git+https://<token>@github.com/...). This practice is highly discouraged as it often leads to credentials being leaked in command-line history, system logs, or environment variables.
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection. It ingests untrusted data from external GitHub repositories (specifically package.json and source code) and possesses the capability to execute commands based on that data (via npm install scripts) without sanitization or boundary markers.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 11, 2026, 01:20 PM