
AI Agent Skill Check is a free AI agent skill security scanner by Mondoo. We scan skills across ClawHub, Skills.sh, GitHub, Claude Marketplace, and SkillsMP to detect prompt injection, credential theft, data exfiltration, agent impersonation, and 28 threat types before they reach your agents.


Skills

Browse, search, and filter AI agent skills across all registries.

Filter: Command Execution

Columns: Skill, AI Agents, Summary, Stars, Installs, Findings, Risk

skills/higgsfield-generate (higgsfield-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill performs unverified remote code execution by piping unsanitized scripts directly into a shell and executes unauthorized file write operations, posing a critical security risk.
Stars: 439 | Installs: 61.0k | Findings: 8 | Risk: 100 Critical

skills/higgsfield-product-photoshoot (higgsfield-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary code by piping unverified remote scripts directly into a shell, creating a critical vulnerability that allows for remote code execution and system compromise.
Stars: 439 | Installs: 50.1k | Findings: 5 | Risk: 100 Critical

skills/higgsfield-soul-id (higgsfield-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary code by piping unverified remote scripts directly into a shell, granting external servers full control over the agent's environment without disclosure or security checks.
Stars: 439 | Installs: 49.5k | Findings: 7 | Risk: 100 Critical

skills/higgsfield-marketplace-cards (higgsfield-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary code by piping remote scripts directly into the shell, posing a critical security risk of unauthorized remote code execution.
Stars: 439 | Installs: 48.6k | Findings: 6 | Risk: 100 Critical

wonda/wonda-cli (degausai)
AI Agents: GitHub, Skills.sh
Summary: This tool masquerades as a content creator but functions as a malicious backdoor that exfiltrates credentials, executes arbitrary code, and maintains persistent, stealthy control over the user's social accounts.
Stars: 126 | Installs: 42.3k | Findings: 13 | Risk: 100 Critical

skills/tavily-search (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill forces the execution of unverified remote scripts to install dependencies, creating a critical supply chain vulnerability that enables arbitrary code execution and potential credential harvesting.
Stars: 378 | Installs: 23.2k | Findings: 9 | Risk: 100 Critical

skills/clerk-backend-api (clerk)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unverified remote code, exposes sensitive API keys in logs, and provides an administrative bypass that renders its mandatory authorization controls ineffective.
Stars: 51 | Installs: 13.3k | Findings: 12 | Risk: 100 Critical

skills/tavily-research (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill mandates an insecure curl-to-bash installation pattern that executes unverified remote scripts with system privileges, creating a critical risk of arbitrary code execution.
Stars: 378 | Installs: 12.6k | Findings: 7 | Risk: 100 Critical

skills/sandbox-sdk (cloudflare)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary shell commands and promotes insecure supply chain practices by installing unverified, unpinned global dependencies while lacking proper documentation and licensing.
Stars: 1.9k | Installs: 12.5k | Findings: 6 | Risk: 100 Critical

skills/tavily-extract (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unverified, remote shell scripts via insecure piping, creating a critical supply chain vulnerability that allows for arbitrary code execution and system compromise.
Stars: 378 | Installs: 9.0k | Findings: 8 | Risk: 100 Critical

skills/tavily-cli (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary code by piping unverified remote scripts directly into a shell, creating a critical vulnerability that allows for unauthorized system access and remote command execution.
Stars: 378 | Installs: 8.8k | Findings: 7 | Risk: 100 Critical

awesome-copilot/aspire (github)
AI Agents: GitHub, Skills.sh
Summary: The skill facilitates supply chain attacks by executing unverified remote code and lacks necessary security declarations for its network access and tool usage, posing a critical risk.
Stars: 35.3k | Installs: 8.7k | Findings: 10 | Risk: 100 Critical

awesome-copilot/containerize-aspnetcore (github)
AI Agents: GitHub, Skills.sh
Summary: This skill executes arbitrary shell commands and installs unverified packages while explicitly bypassing human oversight, creating critical risks of remote code execution and credential exfiltration.
Stars: 35.3k | Installs: 8.6k | Findings: 9 | Risk: 100 Critical

skills/tavily-crawl (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill forces the execution of unverified remote scripts via insecure curl-to-bash patterns, exposing the agent to arbitrary code execution and supply chain attacks.
Stars: 378 | Installs: 8.6k | Findings: 9 | Risk: 100 Critical

agent-skills/apify-actor-development (apify)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unpinned remote code and performs unauthorized network and file operations without declaring necessary security constraints or tool permissions, posing a significant risk of arbitrary code execution.
Stars: 2.2k | Installs: 8.4k | Findings: 11 | Risk: 100 Critical

skills/tavily-map (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill forces the installation of unverified third-party binaries and executes remote scripts directly in a shell without integrity checks, creating a critical risk of arbitrary code execution.
Stars: 378 | Installs: 8.3k | Findings: 8 | Risk: 100 Critical

skills/sandbox-agent (rivet-dev)
AI Agents: GitHub, Skills.sh
Summary: This malicious skill masquerades as an agent orchestrator to exfiltrate sensitive API keys, execute unverified remote code, and expose the host environment through insecure, unauthenticated network configurations.
Stars: 17 | Installs: 8.0k | Findings: 15 | Risk: 100 Critical

agent-skills/apify-actorization (apify)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unverified remote code and performs unauthorized network and file operations without declaring necessary tool constraints, posing a critical risk of arbitrary command execution.
Stars: 2.2k | Installs: 7.9k | Findings: 9 | Risk: 100 Critical

skills/tavily-dynamic-search (tavily-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary remote code by piping unverified scripts directly into a shell, bypassing security controls and creating a critical vulnerability for remote command execution.
Stars: 378 | Installs: 4.8k | Findings: 9 | Risk: 100 Critical

skills/notion-cli (makenotion)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary remote code via insecure curl-to-bash installation and lacks necessary tool declarations, creating a critical risk of unauthorized system access and remote command execution.
Stars: 125 | Installs: 4.0k | Findings: 7 | Risk: 100 Critical

claude-plugins-official/writing-hookify-rules (anthropics)
AI Agents: GitHub, Skills.sh
Summary: The skill is malicious because it executes destructive shell or Java runtime commands, posing a critical risk to system integrity and security.
Stars: 30.5k | Installs: 3.5k | Findings: 2 | Risk: 100 Critical

resend-skills/resend-cli (resend)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unverified remote code and performs unauthorized network operations while lacking necessary security constraints, creating significant risks for arbitrary command execution and large-scale spam abuse.
Stars: 134 | Installs: 3.4k | Findings: 11 | Risk: 100 Critical

skills/agent-tools (halt-catch-fire)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unverified remote code, exfiltrates local files without consent, and uses unpinned dependencies, creating a severe risk of arbitrary code execution and credential theft.
Stars: 550 | Installs: 2.7k | Findings: 15 | Risk: 100 Critical

skills/infsh-cli (halt-catch-fire)
AI Agents: GitHub, Skills.sh
Summary: This skill poses a critical security risk by executing unverified remote scripts and unpinned packages, while using deceptive branding and keyword stuffing to bypass safety filters.
Stars: 550 | Installs: 2.7k | Findings: 12 | Risk: 100 Critical

langsmith-skills/langsmith-trace (langchain-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unverified remote code via shell pipes and performs unauthorized network operations without declaring necessary tool permissions, creating a critical risk of arbitrary code execution.
Stars: 131 | Installs: 2.6k | Findings: 5 | Risk: 100 Critical

langsmith-skills/langsmith-dataset (langchain-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unverified remote code via shell pipes, bypasses critical user confirmation prompts, and lacks necessary tool constraints, creating a high risk of arbitrary command execution and system compromise.
Stars: 131 | Installs: 2.5k | Findings: 8 | Risk: 100 Critical

langsmith-skills/langsmith-evaluator (langchain-ai)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unverified remote code via shell pipes and lacks necessary tool constraints, creating critical vulnerabilities for arbitrary code execution and unauthorized system access.
Stars: 131 | Installs: 2.5k | Findings: 6 | Risk: 100 Critical

skills/apollo-mcp-server (apollographql)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unpinned remote code, performs unauthorized network and shell operations, and bypasses safety confirmations for destructive GraphQL mutations, posing a severe risk of arbitrary command execution.
Stars: 84 | Installs: 1.9k | Findings: 9 | Risk: 100 Critical

skills/sentry (openai)
AI Agents: GitHub, Skills.sh
Summary: This skill poses a critical security risk by executing arbitrary remote scripts, bypassing read-only constraints via unauthorized API calls, and performing unconstrained network and system operations without proper security declarations.
Stars: 22.6k | Installs: 1.6k | Findings: 7 | Risk: 100 Critical

pixijs-skills/pixijs-environments (pixijs)
AI Agents: GitHub, Claude Code, Cursor, Skills.sh
Summary: The skill performs unauthorized dynamic code execution and network access while using keyword stuffing to manipulate discovery, all while bypassing security constraints by failing to declare its tool surface.
Stars: 232 | Installs: 1.6k | Findings: 7 | Risk: 70 High

skills/hf-cli (huggingface)
AI Agents: GitHub, Skills.sh
Summary: This skill facilitates arbitrary remote code execution, insecurely handles authentication tokens, and lacks necessary security constraints, creating significant risks for system compromise and unauthorized data access.
Stars: 10.7k | Installs: 1.5k | Findings: 11 | Risk: 100 Critical

skills/render-deploy (openai)
AI Agents: GitHub, Skills.sh
Summary: This skill facilitates remote code execution, mandates insecure credential handling, and uses deceptive social engineering to trick users into granting escalated permissions and executing unverified, external malicious payloads.
Stars: 22.6k | Installs: 1.5k | Findings: 16 | Risk: 100 Critical

knowledge-work-plugins/nextflow-development (anthropics)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unverified remote code via bash pipes and performs unauthorized network operations while lacking necessary tool declarations and documentation, posing a severe security risk.
Stars: 21.4k | Installs: 1.3k | Findings: 10 | Risk: 100 Critical

skills/rover (apollographql)
AI Agents: GitHub, Skills.sh
Summary: The skill insecurely executes unverified remote shell scripts and lacks integrity checks, creating a high risk of arbitrary code execution and supply chain compromise.
Stars: 84 | Installs: 1.2k | Findings: 13 | Risk: 100 Critical

antigravity-awesome-skills/gcp-cloud-run (sickn33)
AI Agents: GitHub, Claude Code, Skills.sh
Summary: This skill executes arbitrary commands, exposes hardcoded credentials, lacks necessary security declarations for network and tool access, and contains vulnerabilities to supply chain and cross-site scripting attacks.
Stars: 41.2k | Installs: 1.2k | Findings: 10 | Risk: 100 Critical

agent-skills/clickhousectl-local-dev (clickhouse)
AI Agents: GitHub, Skills.sh
Summary: The skill performs unauthorized remote code execution and network access while bypassing security constraints by failing to declare its tool surface and capabilities.
Stars: 468 | Installs: 1.0k | Findings: 3 | Risk: 100 Critical

skills/agent-tools (inference-sh)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unverified remote code, exfiltrates local files, and uses opaque binaries to bypass security oversight while posing as a legitimate tool to harvest user credentials.
Stars: 550 | Installs: 980 | Findings: 20 | Risk: 100 Critical

agent-skills/clickhousectl-cloud-deploy (clickhouse)
AI Agents: GitHub, Skills.sh
Summary: The skill executes arbitrary remote code and insecurely manages sensitive credentials while bypassing security constraints by failing to declare its network and file system tool permissions.
Stars: 468 | Installs: 868 | Findings: 5 | Risk: 100 Critical

antigravity-awesome-skills/wordpress-penetration-testing (sickn33)
AI Agents: GitHub, Claude Code, Skills.sh
Summary: This skill functions as a malicious exploitation toolkit that instructs the agent to perform destructive SQL injections, exfiltrate credentials, and execute unauthorized reverse shells against target systems.
Stars: 41.2k | Installs: 775 | Findings: 21 | Risk: 100 Critical

awesome-copilot/mcp-security-audit (github)
AI Agents: GitHub, Skills.sh
Summary: This skill is malicious, containing a reverse shell and unauthorized environment access, while also suffering from critical vulnerabilities including arbitrary file read, command injection, and unpinned dependency execution.
Stars: 35.3k | Installs: 756 | Findings: 11 | Risk: 100 Critical

skills/nemoclaw-user-get-started (nvidia)
AI Agents: GitHub, Skills.sh
Summary: This skill executes unverified remote code, disables critical authentication mechanisms, leaks sensitive dashboard tokens, and performs unauthorized network and system operations without declaring necessary security constraints.
Stars: 1.3k | Installs: 704 | Findings: 10 | Risk: 100 Critical

agents/cosmos-dbt-fusion (astronomer)
AI Agents: GitHub, Skills.sh
Summary: The skill executes unverified remote shell scripts and performs unauthorized network and file operations, creating a critical security risk through arbitrary code execution and lack of tool constraints.
Stars: 391 | Installs: 669 | Findings: 6 | Risk: 100 Critical

jules-skills/automate-github-issues (google-labs-code)
AI Agents: GitHub, Skills.sh
Summary: The skill facilitates remote code execution and prompt injection via untrusted GitHub issues while exposing sensitive API keys and bypassing security constraints through undeclared tool and network access.
Stars: 72 | Installs: 640 | Findings: 8 | Risk: 100 Critical

skills/infsh-cli (inference-sh)
AI Agents: GitHub, Skills.sh
Summary: This skill masquerades as an AI app runner to perform unauthorized remote code execution, arbitrary file exfiltration, and credential harvesting via unpinned dependencies and opaque third-party CLI tools.
Stars: 550 | Installs: 634 | Findings: 19 | Risk: 100 Critical

skills/ai-automation-workflows (inference-sh)
AI Agents: GitHub, Skills.sh
Summary: The skill performs unauthorized file system and network operations, executes unpinned dependencies, and introduces prompt injection vulnerabilities by processing unsanitized user data through an external webhook-enabled workflow.
Stars: 550 | Installs: 506 | Findings: 10 | Risk: 70 High

cli/sentry-cli (getsentry)
AI Agents: GitHub, Skills.sh
Summary: The skill facilitates insecure remote code execution by piping unverified scripts directly into a shell and encourages the agent to bypass critical security checks and oversight mechanisms.
Stars: 89 | Installs: 474 | Findings: 9 | Risk: 100 Critical

antigravity-awesome-skills/linux-privilege-escalation (sickn33)
AI Agents: GitHub, Claude Code, Skills.sh
Summary: This skill is a malicious exploitation toolkit that facilitates unauthorized privilege escalation, credential theft, and persistent backdoor installation via reverse shells and unverified remote code execution.
Stars: 41.2k | Installs: 416 | Findings: 25 | Risk: 100 Critical

agent-skills/ray-so-code-snippet (intellectronica)
AI Agents: GitHub, Claude Code, Skills.sh
Summary: The skill performs unauthorized remote code execution and network access while bypassing security constraints by failing to declare its required tools and capabilities.
Stars: 273 | Installs: 410 | Findings: 5 | Risk: 100 Critical
Page 1 of 21