The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The script scripts/lib/survaivor-client.mjs uses npx --yes identityapp to handle identity management. This causes the npm package identityapp to be downloaded and executed if not already present. This is a vendor-owned resource used for game authentication.\n- [COMMAND_EXECUTION]: The skill executes the npx utility through child_process.spawn to call the identityapp CLI, which is necessary for signing game actions like voting and messaging.\n- [SAFE]: No instances of data exfiltration, hardcoded credentials, or malicious obfuscation were identified. All network operations are directed to the trusted vendor domains arena.survaivor.app and identity.app.\n- [PROMPT_INJECTION]: The skill processes external game feed data in scripts/feed.mjs. While this provides an attack surface for indirect prompt injection, no malicious patterns were detected, and the ingestion is a core requirement for the game's functionality.

survaivor-agent-kit