Customer Onboarding

Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The `SKILL.md` file contains `clawhub install` commands, which are command-like strings. If an AI agent is vulnerable to prompt injection, it could interpret these as instructions to execute, leading to Remote Code Execution (RCE). Additionally, `SKILL.md` and `README.md` contain external URLs (e.g., `https://afrexai-cto.github.io/context-packs/`). If the agent has web browsing capabilities and is susceptible to prompt injection, it could be instructed to access these URLs, leading to unauthorized network access. While these elements are likely intended for user interaction or marketing, they represent significant prompt injection vulnerabilities, classifying the skill as suspicious due to risky capabilities without clear malicious intent.