telos
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (CRITICAL): Automated scanners (URLite) identified a blacklisted URL in profile.md (URL:Blacklist|UR4703CF1437997CDA-0200|urlb). This indicates the profile references domains or resources associated with malicious activity.
- [PROMPT_INJECTION] (LOW): The skill utilizes a user-controlled profile that contains instructions to override the agent's default behavior. Specific patterns include '讨厌别人告诉我该怎么做' (Hate being told what to do) and instructions to skip social cues, which are attempts to modify the system's operational safety guidelines.
- [COMMAND_EXECUTION] (MEDIUM): The user profile includes a collaboration principle stating: '有判断就先执行,错了再改' (Once you have a judgment, act on it first and correct it later if it turns out wrong). When used with the tools mentioned in the profile (e.g., N8N, MCP), this encourages autonomous command execution without the necessary human-in-the-loop validation.
- [DATA_EXFILTRATION] (MEDIUM): The skill aggregates highly personal data and integrates with network-capable services like Supabase and N8N. The combination of sensitive data ingestion and outbound network capabilities creates a significant surface for exfiltration if the profile instructions are manipulated.
- [PROMPT_INJECTION] (LOW): Indirect prompt injection surface via profile.md.
  1. Ingestion points: profile.md (read by SKILL.md).
  2. Boundary markers: Absent.
  3. Capability inventory: Shell, N8N, MCP, Supabase.
  4. Sanitization: Absent.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata