The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill encourages the use of the curl | bash pattern to install the Foundry toolset (curl -L https://foundry.paradigm.xyz | bash). Although targeting a well-known service, this method executes remote scripts without prior verification.\n- [EXTERNAL_DOWNLOADS]: The skill clones multiple third-party repositories from GitHub (e.g., from pashov, kadenzipfel, forefy, and others) and instructs the agent to follow their respective README files. These sources are not on the trusted vendor list, creating a risk of executing unverified code or instructions.\n- [COMMAND_EXECUTION]: The pipeline involves extensive use of package managers (npm, pip, cargo, uv) and system tools. Notably, it directs the user to build and register an MCP server from a third-party repository (Archethect/sc-auditor), which grants the tool significant capabilities on the host system.\n- [CREDENTIALS_UNSAFE]: The skill processes sensitive API keys (Etherscan, Solodit) provided via environment variables or manual input. While necessary for the service, the handling of these credentials across multiple third-party tools increases the risk of accidental exposure.

mega-audit