openclaude-multi-llm

Fail

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install an NPM package @gitlawb/openclaude and clone a Git repository from node.gitlawb.com. These sources are neither from the skill author's known domains nor from established trusted organizations or well-known services.
  • [REMOTE_CODE_EXECUTION]: By directing users to install and run a third-party fork of Claude Code via npm install -g and bun run dev, the skill facilitates the execution of unverified remote code. This code has full access to the user's environment and sensitive LLM API keys.
  • [COMMAND_EXECUTION]: The installed software is designed to execute high-privilege system commands through its tool system, including Bash, FileEdit, and FileWrite. This significantly increases the impact of any malicious code within the untrusted fork.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it routes raw LLM responses through a shim to trigger local tools.
      * Ingestion points: LLM responses from external providers are processed via the openaiShim.ts layer.
      * Boundary markers: No explicit boundary markers or directives to ignore embedded instructions are provided in the documentation.
      * Capability inventory: The toolset includes shell access (Bash), file modification (FileWrite, FileEdit), and network operations (WebFetch).
      * Sanitization: No sanitization or validation is specified for the LLM output before it triggers system tool calls.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 1, 2026, 12:29 PM