consult-oracle

Fail

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/refresh_cookies.py retrieves the 'Chrome Safe Storage' encryption key from the macOS Keychain using subprocess.check_output(['security', 'find-generic-password', ...]). This bypasses standard browser isolation and triggers a system password prompt.
  • [CREDENTIALS_UNSAFE]: The skill reads the Chrome Cookies SQLite database directly from the user's filesystem at ~/Library/Application Support/Google/Chrome/, exposing all stored browser session tokens.
  • [DATA_EXFILTRATION]: Extracted session cookies are decrypted and saved to a local file (~/.oracle/cookies.json) and transmitted to https://chatgpt.com/api/auth/session for session validation.
  • [EXTERNAL_DOWNLOADS]: In scripts/run_oracle.py, the skill uses npx -y @steipete/oracle to download and execute code from a third-party registry at runtime without version pinning or source verification.
  • [COMMAND_EXECUTION]: The skill makes extensive use of the subprocess module to execute system security tools and external package runners, providing a path for command injection or unauthorized system interaction.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 18, 2026, 11:00 PM