The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill implements a bootstrap mechanism that retrieves external code and executes it on the host system. Evidence in scripts/bootstrap.ts: The downloadViaGithub and downloadViaNpm functions fetch external repositories and packages, while the installSkillDependencies function executes bun install within those directories, which can trigger arbitrary lifecycle scripts.
[COMMAND_EXECUTION]: The skill utilizes system shell commands to perform its core management tasks. Evidence in scripts/lib/utils.ts: The runCommand function wraps node:child_process.spawnSync to execute tools such as git, npm, tar, and bun with parameters derived from external catalog data.
[EXTERNAL_DOWNLOADS]: The skill is pre-configured to download resources from multiple external GitHub organizations and npm. Evidence in skills-catalog.json: The registry contains URLs for repositories under AElfProject, AelfScanProject, Awaken-Finance, eforest-finance, Portkey-Wallet, and TomorrowDAOProject, none of which are in the explicitly trusted vendors list.
[PROMPT_INJECTION]: The skill relies on natural language intent processing to route users to various skills and trigger the bootstrap process, creating a vulnerability surface for indirect injection. Ingestion points: User intent strings processed for routing logic. Capability inventory: Execution of system commands via spawnSync. Sanitization: No explicit boundary markers or instruction-ignoring delimiters are used when processing the intent routing.

aelf-skills-hub