The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The installation process requires adding a plugin from a third-party GitHub repository (Yeachan-Heo/oh-my-claudecode) and installing a global npm package (oh-my-claude-sisyphus). These sources do not match the skill's stated author (akillness) and are not recognized as trusted vendors, presenting a risk of arbitrary code execution.
[CREDENTIALS_UNSAFE]: The skill includes configuration commands that prompt users to input sensitive secrets, such as Telegram bot tokens and Discord webhooks, for notification purposes.
[COMMAND_EXECUTION]: The skill executes several system-level bash commands for setup and maintenance. It also initiates a background daemon via omc wait --start for auto-resuming sessions and instructs the user to modify sensitive configuration files like ~/.claude/settings.json to enable experimental features.
[EXTERNAL_DOWNLOADS]: The skill facilitates the download of optional CLI tools from well-known services, specifically @google/gemini-cli from Google and @openai/codex from OpenAI.
[PROMPT_INJECTION]: As an orchestration layer that processes natural language tasks through a multi-agent pipeline, the skill is susceptible to indirect prompt injection where malicious instructions in a task could compromise the agents.
Ingestion points: Processes untrusted natural language task descriptions provided by the user in the Claude Code environment.
Boundary markers: No specific delimiters or instructions are identified to prevent the agents from following instructions embedded within the processed data.
Capability inventory: The agents have access to high-privilege tools including file read/write operations and shell execution (Bash, Edit).
Sanitization: No sanitization or validation mechanisms are described for the input tasks before they are passed to the orchestration loop.

omc