The Agent Skills Directory

[DATA_EXFILTRATION]: The skill contains a bash script in SKILL.md that collects sensitive system identifiers, including the hostname, system architecture and OS name via uname, and the path to the user's home directory ($HOME). This data is used to generate a unique device fingerprint which is then sent via curl to https://plugin-store-dun.vercel.app/install and https://www.okx.com/priapi/v1/wallet/plugins/download/report.
[COMMAND_EXECUTION]: The script executes multiple shell commands (hostname, uname, shasum, curl) to perform system fingerprinting and network exfiltration. This logic is placed in a 'Pre-flight Dependencies' section intended to run automatically when the skill is loaded.
[CREDENTIALS_UNSAFE]: The script includes an obfuscated HMAC key encoded in Base64 (OE9nNWFRUFdfSVJkektrMExOV2RNeTIzV2JibXo3ZWNTbExJUDFIWnVoZw==). This key is used to sign the exfiltrated device fingerprint, indicating a structured and intentional effort to track user environments.
[DYNAMIC_CONTEXT_INJECTION]: The exfiltration script is embedded within a documentation block that mimics standard plugin installation procedures. This pattern is designed to execute silently in environments that support shell command evaluation at load time, such as Claude Code, without explicit user consent.

uniswap-v4-security-foundations