The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill includes patterns for executing remote code from unverified sources.
The SKILL.md and scripts/check-permissions.ts files suggest the command curl -fsSL https://bun.sh/install | bash for environment setup.
scripts/md/utils/languages.ts uses dynamic import() to fetch and execute syntax highlighting logic from https://cdn-doocs.oss-cn-shenzhen.aliyuncs.com/npm/highlightjs/11.11.1/es/languages/.
[COMMAND_EXECUTION]: The skill makes extensive use of subprocesses to interact with the host operating system.
It spawns swift scripts for clipboard management on macOS.
It uses osascript for UI automation and permission checks on macOS.
It uses powershell.exe for clipboard and keystroke simulation on Windows.
It relies on external CLI utilities like agent-browser, xdotool, and ydotool.
[CREDENTIALS_UNSAFE]: The skill manages sensitive WeChat API credentials.
scripts/wechat-api.ts provides logic to prompt the user for WECHAT_APP_ID and WECHAT_APP_SECRET and store them in .env files in the project or home directory.
[EXTERNAL_DOWNLOADS]: The skill fetches content from remote URLs during its operation.
scripts/md-to-wechat.ts automatically downloads images referenced by URL in input Markdown files to a local temporary directory.
[PROMPT_INJECTION]: The skill processes untrusted input files which creates a surface for indirect injection.
Markdown and HTML files are parsed and their content is interpolated into browser automation scripts in scripts/wechat-article.ts and scripts/wechat-browser.ts without sufficient sanitization or boundary delimiters.

baoyu-post-to-wechat