xianyu-data-grabber

Fail

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The INSTALL.md file recommends an installation method using curl | bash with a remote URL, which is a high-risk pattern that executes arbitrary code from a remote source without verification.
  • [REMOTE_CODE_EXECUTION]: The update.sh script implements a self-update mechanism that downloads a ZIP archive from a remote Gitee repository, extracts it, and overwrites the entire skill's source directory at runtime. This allows for arbitrary remote code execution if the source repository is compromised.
  • [COMMAND_EXECUTION]: Multiple scripts (run.sh, install.sh, cron-setup.sh, uploader.sh) perform extensive shell command execution to manage system packages, Python/Node dependencies, and Git operations. The grabber-enhanced.js file also uses execSync to invoke Python OCR scripts.
  • [DATA_EXFILTRATION]: The uploader.sh script is designed to automate the transfer of scraped data and screenshots to an external Gitee repository. It uses a sensitive Gitee access token directly in the repository URL during git push, which may expose credentials in process lists or logs.
  • [PERSISTENCE]: The cron-setup.sh and install.sh scripts automatically install persistent tasks into the system's crontab. These tasks are configured to run scraping, visualization, and upload operations daily and weekly in the background.
  • [PROMPT_INJECTION]: The skill scrapes product information from the Xianyu (Goofish) marketplace. This untrusted content is incorporated into Markdown and HTML reports without any sanitization or boundary markers, creating a surface for indirect prompt injection if an LLM later processes these reports.
  • [DYNAMIC_EXECUTION]: The visualize.py script utilizes dynamic module loading via __import__('datetime') within a string template, which is a form of dynamic execution that can be risky if the input to the template is not strictly controlled.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 29, 2026, 08:16 AM