skills/evolv3-ai/vibe-skills/admin/Gen Agent Trust Hub

admin

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of system-level commands through PowerShell and Bash scripts to manage software installations, environment variables, and system services.
      • Evidence: Multiple scripts in the scripts/ directory utilize pwsh, winget, scoop, apt, and systemctl to perform administrative tasks.
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions and scripts to download and execute installers for system-level tools from remote repositories.
      • Evidence: references/unix.md executes the Homebrew installer using curl | bash, and references/windows.md executes the Chocolatey installer using Invoke-WebRequest | iex.
  • [EXTERNAL_DOWNLOADS]: The skill fetches scripts and packages from external domains, including some that are not on the explicit whitelist but are standard for the tools used.
      • Evidence: References to raw.githubusercontent.com for Homebrew and community.chocolatey.org for Chocolatey packages.
  • [PROMPT_INJECTION]: The skill implements an 'Indirect Prompt Injection' surface by reading and displaying historical logs and issue reports at the start of every session without sanitization.
      • Ingestion points: scripts/Show-AdminSessionStart.ps1 and scripts/show-admin-session-start.sh read content from logs/operations.log and issues/issue_*.md.
      • Boundary markers: Data from these files is interpolated directly into the agent's context or terminal output without protective delimiters.
      • Capability inventory: The agent has high system-level capabilities including command execution and file manipulation.
      • Sanitization: Content from previous logs or user-generated issue reports is processed raw.
  • [DATA_EXFILTRATION]: The skill integrates with an external, non-whitelisted service (mem.self-host.io) to store and retrieve operational memories.
      • Evidence: references/memory-integration.md describes sending installation outcomes and diagnostic findings to https://mem.self-host.io/mcp for cross-device retrieval.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 11:06 AM