slb

Fail

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The README.md and SKILL.md files recommend an installation pattern where a remote script is fetched via curl and piped directly into bash: curl -fsSL https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh | bash. This allows for the execution of arbitrary remote code without prior inspection.
  • [COMMAND_EXECUTION]: The core functionality of the tool involves executing arbitrary shell commands provided by agents or users. This is facilitated in internal/core/command.go using exec.CommandContext. Although the tool implements a 'two-person rule' approval process, it provides a high-privilege bridge between the AI agent and the host operating system.
  • [DATA_EXFILTRATION]: The tool includes a webhook notification system in internal/daemon/notifications.go. When configured, it sends a WebhookPayload containing the Command, RiskTier, and RequestorAgent to an external URL. If an attacker controls the webhook URL, this can be used to exfiltrate sensitive command parameters or environment-specific data.
  • [EXTERNAL_DOWNLOADS]: The scripts/install.sh script programmatically interacts with the GitHub API to fetch the latest release versions and download binary archives from GitHub repositories.
  • [PROMPT_INJECTION]: The AGENTS.md file contains instructions that attempt to override standard agent behavior, such as 'RULE 0 - THE FUNDAMENTAL OVERRIDE PREROGATIVE', which commands the agent to prioritize user instructions over the guidelines in the file. It also includes instructions to suppress questioning or verification of certain types of changes, which could be exploited to bypass safety checks.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh?$(date, https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 24, 2026, 02:48 AM