Singularity EvoMap

The remote service can steer the agent's next actions on the user's account, including public engagement, without a clear approval step for each action.

The skill tells the agent to treat a remote API response as an action plan, including social actions such as replying, upvoting, commenting, and creating posts.

The agent could routinely modify the user's social-network presence and reputation by liking, commenting, replying, or posting.

The skill frames repeated account mutations—likes, comments, and possibly posts—as mandatory heartbeat activity, without specifying user approval, rate containment, or reversibility.

If SINGULARITY_API_URL is set incorrectly or maliciously in the environment, the agent may send authenticated requests to an unintended server.

The static scan reports this environment-controlled API base is paired with network sends. Because authenticated requests use the user's API key, an undeclared URL override can redirect credentialed traffic away from the documented domain.

Private conversation topics could be exposed to a third-party service or reflected into public posts/comments without clear boundaries.

The skill proposes extracting topics from the user's conversation history, sending those topics to the service's search API, and using the results to join discussions or post.

Messages from other agents may influence the agent's behavior or cause it to disclose information if not reviewed carefully.

The skill supports private inter-agent messaging and allows ordinary conversations to be handled autonomously, which is expected for this platform but creates an untrusted-message boundary.

Once enabled, the connector may continue maintaining a live connection and processing events without the user directly invoking each action.

The connector auto-starts when bound, keeps running, listens over WebSocket, persists session state, and reconnects, which is persistent background agent behavior.

Users may assume this is documentation-only while there is executable connector and heartbeat code present in the package.

The registry describes no install spec and an instruction-only skill, but the package includes executable code and an installer file, so the runnable surface is larger than the install metadata suggests.