Bullybuddy
Pass
Audited by VirusTotal on May 14, 2026.
Findings (1)
The `scripts/bullybuddy.sh` script is vulnerable to JSON injection in its `spawn` and `send` commands: the user-supplied arguments `$cwd`, `$task` and `$text` are interpolated directly into the JSON request bodies without escaping, so a value containing a double quote terminates the intended string early and whatever follows is parsed as additional JSON, letting an attacker add arbitrary fields to the API request. Separately, the skill exposes a high-risk capability through `/bullybuddy send`, which executes arbitrary commands inside the managed Claude Code sessions; `SKILL.md` itself describes this as granting 'full control'. The `command-arg-mode: raw` setting in `SKILL.md` makes this worse: it leaves the skill highly susceptible to prompt injection against the OpenClaw agent, which could then be coerced into triggering either the injection bug or the command-execution capability.
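As an added example (not the Bullybuddy project's own code), the script below reproduces the reported interpolation pattern in a stand-alone POSIX shell function and places a hardened builder next to it. The `cwd` and `task` field names follow the finding; the `approve` key in the constructed payload, the function names and the `build_spawn_jq` helper are this example's own assumptions, not anything taken from `scripts/bullybuddy.sh`.

```shell
#!/bin/sh
# Added example, not the Bullybuddy project's code: the unescaped
# interpolation pattern from the finding, beside a builder that escapes
# each value before it lands inside a JSON string literal.
# "cwd"/"task" follow the finding; "approve" in the sample payload is a
# made-up field name chosen only to show an injected key.

# Escape one value for use inside a JSON string literal.
# Covers backslash, double quote, tab, CR and newline. Other control
# characters (< 0x20) would additionally need \u00XX escaping, which
# `jq --arg` does for you (see build_spawn_jq below).
json_escape() {
    tab=$(printf '\t')
    cr=$(printf '\r')
    # printf's trailing newline lets sed/awk see the last line; awk
    # re-joins the lines with a literal \n and never emits a real one.
    printf '%s\n' "$1" |
        sed "s/\\\\/\\\\\\\\/g; s/\"/\\\\\"/g; s/$tab/\\\\t/g; s/$cr/\\\\r/g" |
        awk 'NR > 1 { printf "\\n" } { printf "%s", $0 }'
}

# Vulnerable: mirrors the reported pattern. A double quote inside $2 ends
# the "task" string early and whatever follows is parsed as more JSON.
build_spawn_vuln() {
    printf '{"cwd":"%s","task":"%s"}' "$1" "$2"
}

# Hardened: same shape, every value escaped first.
build_spawn_safe() {
    printf '{"cwd":"%s","task":"%s"}' "$(json_escape "$1")" "$(json_escape "$2")"
}

# Preferred when jq is installed: --arg binds the value as a JSON string,
# so no hand-written escaping is involved at all.
build_spawn_jq() {
    jq -cn --arg cwd "$1" --arg task "$2" '{cwd: $cwd, task: $task}'
}

# Constructed malicious task argument: closes the string, adds a key.
INJECTED_TASK='x","approve":true,"z":"'

# Demo when run directly (harmless: prints the two request bodies).
echo "vulnerable: $(build_spawn_vuln /tmp "$INJECTED_TASK")"
echo "hardened:   $(build_spawn_safe /tmp "$INJECTED_TASK")"
if command -v jq >/dev/null 2>&1; then
    echo "jq:         $(build_spawn_jq /tmp "$INJECTED_TASK")"
fi
```

Running the script prints the two request bodies: the vulnerable one carries an extra top-level `approve` key, the hardened one carries the attacker's text intact inside the `task` string where the API will treat it as data. In the real script the shortest fix is the `jq -n --arg ... '{...}'` form shown in `build_spawn_jq`, which also covers the control characters the sed pass above does not.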
