The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The scripts/install.sh script employs a dangerous 'curl-pipe-to-shell' pattern, fetching an installation script from https://raw.githubusercontent.com/akillness/rtk/refs/heads/master/install.sh and executing it via sh. This allows for arbitrary code execution from a remote repository that is not part of a trusted vendor list.
[EXTERNAL_DOWNLOADS]: The skill performs multiple remote downloads at runtime, including fetching binary artifacts from the rtk-ai/rtk GitHub repository and using cargo install --git to pull source code from the author's personal repository.
[COMMAND_EXECUTION]: The skill uses the Bash tool to execute several local scripts (install.sh, init-agent.sh, check-status.sh). These scripts perform system modifications such as modifying the PATH environment variable, installing packages via brew or cargo, and creating plugin files in local configuration directories (e.g., ~/.config/opencode/plugins/rtk.ts).
[COMMAND_EXECUTION]: The rtk init functionality (managed by scripts/init-agent.sh) installs persistent shell hooks that automatically intercept and rewrite shell command outputs. While intended for token optimization, such hooks represent a persistent modification to the agent's operating environment that could be abused if the underlying binary is compromised.

rtk