computer-use

Warn

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/setup-vnc.sh script utilizes sudo to perform administrative tasks, such as installing system packages via apt, creating service configuration files in /etc/systemd/system/, and overwriting the system binary /usr/bin/xfdesktop with a mask script.
  • [COMMAND_EXECUTION]: The skill establishes persistence by configuring and enabling multiple systemd services (xvfb, xfce-minimal, x11vnc, and novnc) to ensure the virtual desktop environment is automatically launched at system startup.
  • [CREDENTIALS_UNSAFE]: In scripts/vnc_start.sh, the VNC server is initiated with the -nopw flag, which allows users to connect to the desktop session without any password authentication, though it is configured to listen only on localhost.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the Google Chrome stable package from Google's official download servers (dl.google.com) for use within the virtual environment.
  • [DATA_EXFILTRATION]: The scripts/screenshot.sh and scripts/zoom.sh tools capture the current state of the virtual display and return it as a base64-encoded string, which could lead to the exposure of sensitive information displayed on the screen.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: Screen content captured via screenshot.sh and zoom.sh is processed by the agent. Boundary markers: The scripts do not implement delimiters to distinguish between UI elements and potentially malicious text. Capability inventory: The agent can perform mouse/keyboard actions and system-level configuration. Sanitization: There is no sanitization of the content displayed on screen before it is processed.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 13, 2026, 12:51 PM