The Agent Skills Directory

[COMMAND_EXECUTION]: The SKILL.md file contains instructions for the AI agent to execute complex shell pipelines involving yt-dlp, rg, and ffmpeg to download and trim media files from external sources.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading subtitles and audio from YouTube via yt-dlp as part of its character voice setup process.\n- [CREDENTIALS_UNSAFE]: The speak.sh script manages a service API key by reading from and writing to ~/.noiz_api_key. Although it sets restricted file permissions (600), handling persistent secrets in the home directory is a sensitive operation.\n- [DATA_EXFILTRATION]: The speak.sh script allows uploading a local file to the Noiz API via the --ref-audio flag. Since the script does not validate the file path, this mechanism could potentially be used to transmit sensitive local files to the external service.\n- [COMMAND_EXECUTION]: The speak.sh script executes a Python snippet at runtime to normalize API keys and process JSON data from the service endpoint.

characteristic-voice