skills/xmg2024/nvwa-skill/huashu-nvwa/Gen Agent Trust Hub

huashu-nvwa

Fail

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: CRITICAL
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes a link to an external document that has been flagged as malicious by automated scanners for association with botnet activity.
      • Evidence: https://ijels.com/upload_document/issue_files/70IJELS-1042024-TheArt.pdf in the research data file examples/trump-perspective/references/research/03-expression-dna.md.
  • [PROMPT_INJECTION]: Multiple character perspective skills generated by this tool contain instructions to explicitly suppress safety disclaimers and non-disclosure warnings after their first appearance. This reduces the user's ability to monitor agent behavior and violates transparency best practices.
      • Evidence: "免责声明仅首次激活时说一次...后续对话不再重复" (Disclaimer is only stated at the first activation... subsequent conversations will not repeat it) in examples/steve-jobs-perspective/SKILL.md, examples/mrbeast-perspective/SKILL.md, examples/zhang-yiming-perspective/SKILL.md, and examples/sun-yuchen-perspective/SKILL.md.
  • [REMOTE_CODE_EXECUTION]: The skill includes a shell script that installs Python packages via pip at runtime without verifying package integrity or pinning a version.
      • Evidence: pip install -q yt-dlp in examples/mrbeast-perspective/scripts/fetch_youtube_subtitles.sh.
  • [COMMAND_EXECUTION]: The skill uses invasive tools like computer-use to scrape data from live social media sessions, which requires executing arbitrary browser-level commands.
      • Evidence: Detailed workflow in examples/x-mastery-mentor/SKILL.md for capturing data from x.com using automated browser navigation.
Recommendations
  • AI detected serious security threats
  • Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Apr 10, 2026, 07:14 AM