openstoryline-install

Fail

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: HIGH
Flags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes sudo apt-get to install system-level dependencies such as ffmpeg, wget, and unzip. This requires the agent to execute commands with elevated administrative privileges.
  • [REMOTE_CODE_EXECUTION]: The installation process involves running bash download.sh from the cloned repository. Executing shell scripts from an external source checkout without verifying their contents presents a high risk of executing arbitrary code.
  • [EXTERNAL_DOWNLOADS]: The skill triggers several external downloads, including system packages via OS package managers, Python libraries via pip install -r requirements.txt, and large resource archives (models and assets) via wget within the download.sh script.
  • [CREDENTIALS_UNSAFE]: The workflow involves updating config.toml with sensitive API keys for LLM and VLM services. While placeholders like REPLACE_WITH_REAL_KEY are shown, the functional purpose of the skill is to handle and store real secrets in a local file.
  • [PROMPT_INJECTION]: The skill is designed to read README.md and other local repository files before proceeding. This creates a surface for indirect prompt injection where malicious instructions embedded in the repository files could manipulate the agent's installation or configuration behavior. This represents an ingestion point for untrusted data combined with powerful capabilities like subprocess execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 16, 2026, 06:56 AM