skills/popmechanic/vibes-cli/test/Gen Agent Trust Hub

test

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill manages OIDC credentials and OpenRouter API keys by reading from and writing to environment files. Evidence includes:
      • Reading test-vibes/.env for VITE_OIDC_AUTHORITY and VITE_OIDC_CLIENT_ID.
      • Reading and writing OPENROUTER_API_KEY to ~/.vibes/.env in Phase 5.
      • Secrets are handled as plain text in shell commands (echo, sed) and passed as command-line arguments to Node.js scripts, making them visible in process listings and shell history.
  • [COMMAND_EXECUTION]: The skill executes multiple shell operations and local scripts with user-provided data. Evidence includes:
      • Using sed and echo to interpolate user-provided credentials directly into file-writing operations, which lacks sanitization and could lead to shell injection if inputs contain special characters.
      • Execution of several local JavaScript files (deploy-cloudflare.js, assemble.js, merge-templates.js) that have significant control over the project filesystem and Cloudflare deployment environment.
  • [PROMPT_INJECTION]: The skill contains meta-instructions intended to constrain the agent's planning behavior. Evidence includes:
      • An explicit instruction in the header: "If you are planning work, this entire skill is ONE plan step... Do not decompose the steps below into separate plan tasks," which attempts to override standard agent operational protocols.
  • [DATA_EXPOSURE]: The skill implements an admin setup flow (Phase 5.5) that involves manually handling user identifiers (user_ strings) and re-deploying applications with these IDs, increasing the likelihood of accidental exposure of administrative user data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 10:18 AM