korean-jangbu-for

Fail

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts/install.sh script automatically fetches content from a remote repository at https://github.com/kimlawtech/korean-jangbu-for.git. This source is not verified as a trusted vendor.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of unverified remote code by instructing the user to run install.sh and verify.sh from the downloaded upstream repository. This allows third-party scripts to run with the agent's permissions.
  • [COMMAND_EXECUTION]: The installer script performs various file system operations including recursive deletion (rm -rf), copying files (cp -a), and modifying execution permissions (chmod +x) on the host machine to register multiple sub-skills.
  • [DATA_EXFILTRATION]: The skill is designed to manage sensitive financial credentials and documents (bank statements, tax records). The instructions specify storing credentials in ~/.jangbu/credentials.env and processing business records, which creates a significant exposure risk when combined with the execution of unverified external code.
  • [PROMPT_INJECTION]: The skill processes untrusted external data such as CSV, PDF, and image files for ledger automation (documented in SKILL.md). This represents an indirect prompt injection surface where the agent could be manipulated by instructions hidden within the financial documents. Boundary markers are not explicitly defined in the wrapper to prevent such attacks, although basic masking of identifiers is mentioned.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 30, 2026, 11:20 AM