ima-copilot

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/install_ima_skill.sh fetches the official IMA skill package directly from Tencent's distribution servers at app-dl.ima.qq.com.
  • [REMOTE_CODE_EXECUTION]: The installation process downloads a ZIP archive from the vendor's official domain and installs its contents globally using the standard vercel-labs/skills distribution mechanism via npx skills add.
  • [COMMAND_EXECUTION]: The skill utilizes system utilities including curl, unzip, and npx for installation and management. It also provides maintenance instructions in references/known_issues.md that guide the agent through repairing the upstream skill's files with explicit user consent checkpoints.
  • [CREDENTIALS_UNSAFE]: The skill implements secure credential management by instructing the agent to store API keys in the standard user configuration path (~/.config/ima/) with restricted filesystem permissions (600).
  • [DATA_EXFILTRATION]: The search functionality in scripts/search_fanout.py transmits search queries to the official IMA OpenAPI at ima.qq.com/openapi to retrieve knowledge base hits as intended by the skill's primary function.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 11, 2026, 12:16 PM