The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The documentation provides default administrative credentials (Username: "admin", Password: "admin888") for the initial login. While it advises users to change these immediately, hardcoded default passwords are a known security risk.
[EXTERNAL_DOWNLOADS]: The installation instructions require cloning a repository from a third-party, unverified source: "https://github.com/yaojingang/GEOFlow.git". Since this source is not part of the platform's trusted vendor list, it represents a supply chain risk.
[COMMAND_EXECUTION]: The skill relies heavily on the execution of shell commands for setup and management, including "docker compose", "php" CLI scripts (e.g., bin/geoflow, bin/worker.php, bin/cron.php), and "git clone". These commands grant the skill significant control over the local environment.
[DATA_EXPOSURE]: The documentation mentions the use of ".env" files for storing sensitive configuration, such as "APP_SECRET_KEY", "DB_PASSWORD", and "AI_API_KEY". While it correctly advises against hardcoding these, the skill's operational flow involves reading and writing these sensitive values.
[PROMPT_INJECTION]: The system's core architecture involves creating content by interpolating data from external libraries (titles, knowledge bases) into prompt templates. This creates a surface for indirect prompt injection if the ingested data is sourced from untrusted parties.

geoflow-content-automation