Agent Selfie

Pass

Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill is classified as suspicious due to a potential information disclosure vulnerability in `scripts/selfie.py`. The `load_personality` function reads the content of a file specified by the `--personality` argument. If a malicious actor or a prompt-injected agent provides a path to a sensitive file (e.g., `~/.ssh/id_rsa`), its content could be read and, if it can be parsed or partially extracted as JSON fields, subsequently included in the prompt sent to the Google Gemini API. This constitutes a risk of unintentional data exfiltration to a third-party service (Google), even though the skill itself does not appear to have malicious intent to steal data for its author or establish persistence.