anonymous-file-upload

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGH
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to upload local files to various external services, including Originless gateways, 0x0.st, and transfer.sh. This functionality provides a direct mechanism for exfiltrating sensitive local data, such as private keys or environment variables, to anonymous and untraceable third-party infrastructure.
  • [EXTERNAL_DOWNLOADS]: The skill contains instructions for downloading files from transfer.sh, a public service often used to host user-generated content which may include malicious payloads. It also relies on the 'daku' NPM package and a Docker image from ghcr.io (ghcr.io/besoeasy/originless). While the Docker image and package appear to be vendor-owned by 'besoeasy', they represent external dependencies that are loaded at runtime.
  • [COMMAND_EXECUTION]: The skill heavily utilizes shell commands, including curl for network transfers, docker for service deployment, and tar for file archiving. It also uses 'node -e' to execute inline JavaScript for cryptographic key generation, representing a vector for dynamic code execution.
  • [REMOTE_CODE_EXECUTION]: An automated security scan flagged a pattern involving the download of files from transfer.sh. While the skill primarily uses these for data storage, the presence of instructions to download and handle files from untrusted sources is a significant risk factor if the agent or user executes the downloaded content.
  • [PROMPT_INJECTION]: The 'mirror_web_content' feature allows the skill to ingest data from arbitrary URLs, creating a surface for indirect prompt injection where malicious instructions embedded in remote web content could attempt to manipulate the agent's logic during the archival process.
Recommendations
  • HIGH: Downloads and executes remote code from: https://transfer.sh/random/file.pdf - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 1, 2026, 04:36 AM