
auth0-vue

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The Bash script in references/setup.md downloads and executes the Auth0 CLI installation script using curl | sh. This piped execution pattern is high-risk as it allows unverified remote code to run with the user's shell privileges.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill documentation and setup scripts facilitate the installation of external dependencies and binaries from multiple sources including npm, Homebrew, and Scoop without integrity verification.
  • [COMMAND_EXECUTION] (MEDIUM): Setup scripts in references/setup.md (both Bash and PowerShell) automate system-level operations including CLI tool invocation, application creation via the Auth0 API, and local filesystem writes for environment configuration.
  • [DATA_EXPOSURE] (LOW): The setup scripts automate the creation of a .env file containing Auth0 credentials. While these are public client credentials, the automated handling of environment files is a potential surface for sensitive data mismanagement.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The setup scripts in references/setup.md ingest untrusted user input via shell prompts (e.g., APP_ID) and interpolate it directly into shell commands and file-write operations without sanitization.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 19, 2026, 12:02 AM