agentcli-go

The skill bundle is classified as suspicious due to the exposure of high-risk capabilities without explicit malicious intent. Specifically, the `exec.go` module, as described in `SKILL.md`, provides `RunCommand` and `RunOsascript` functions, enabling the AI agent to execute arbitrary shell commands and AppleScript. This presents a significant remote code execution (RCE) vulnerability if the agent is prompted maliciously. Additionally, `scaffold.go` allows file system modifications, and `configx.go` can read environment variables, posing further risks for data exfiltration or unauthorized changes. While these functionalities might be plausible for a CLI framework, their direct exposure to an AI agent without clear safeguards makes the skill highly susceptible to abuse.