The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses opencli tools to perform browser automation, including navigating to URLs and executing arbitrary JavaScript via opencli browser eval to reverse-engineer site APIs.\n- [CREDENTIALS_UNSAFE]: The workflow facilitates the capture and use of sensitive authentication data such as cookies and Bearer tokens. One template includes a hardcoded public Bearer token for Twitter's GraphQL API. These credentials are required for the generated adapters to interact with authenticated endpoints.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection. Ingestion points: arbitrary URLs opened via browser commands (Step 1). Boundary markers: Absent. Capability inventory: browser control, JavaScript execution, and local file generation/execution. Sanitization: Absent. Malicious web content could potentially influence the agent during the adapter discovery and generation process.\n- [EXTERNAL_DOWNLOADS]: The generated code templates depend on the @jackwener/opencli package scope, which is maintained by the skill author. This represents a dependency on the vendor's own infrastructure.

opencli-oneshot