The Agent Skills Directory

EXTERNAL_DOWNLOADS (MEDIUM): The installation instructions direct the user to download the skill from a non-whitelisted GitHub repository (github.com/barneyjm/camino-skills). This poses a risk as the source is not a trusted organization and could contain unvetted code.\n- DATA_EXFILTRATION (LOW): The skill performs network requests to api.getcamino.ai. While this is necessary for functionality, the domain is not whitelisted. No access to sensitive local files was detected.\n- COMMAND_EXECUTION (LOW): The shell script uses curl and jq to interact with the API. The script correctly uses jq to encode user-supplied query strings, which mitigates simple injection risks.

fitness-finder