oh-pr-workflow

Fail

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The gitcode-mcp/install.sh script uses sudo for system-wide installation tasks, which poses a privilege escalation risk.
  • [COMMAND_EXECUTION]: The setup.sh script, which is executed automatically to resolve missing tools, modifies the agent's core configuration files (~/.claude.json or OpenCode configs) and attempts to run a pre-compiled binary shipped with the skill.
  • [DATA_EXFILTRATION]: The skill retrieves sensitive GitCode API tokens from the user's local git configuration and propagates them to external configuration files used by the MCP server, potentially exposing credentials.
  • [EXTERNAL_DOWNLOADS]: The scripts/fetch_gate_defects.sh script fetches CI logs and defect reports from the external domain dcp.openharmony.cn using curl.
  • [PROMPT_INJECTION]: The skill's automated fix modes (Mode 3 and Mode 5) ingest untrusted data from external PR comments and CI logs to drive code edits and forced git pushes, representing an indirect prompt injection surface.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 9, 2026, 06:59 AM