Ai Companion Setup

The skill bundle is classified as suspicious due to several high-risk capabilities and prompt-injection instructions. It requests broad `Bash(*)` permissions, allowing the AI agent to execute arbitrary shell commands. The `SKILL.md` instructions detail direct use of sensitive Feishu `APP_ID` and `APP_SECRET` via `curl` for sending voice messages, exposing these credentials to the agent's execution environment. Furthermore, the agent is instructed in the `TOOLS.md` section to perform 'silent background operations, don't report process' ('后台操作静默完成、不汇报过程'), which is a prompt injection that could be leveraged to conceal malicious activities, even if its stated purpose is benign.