AgentHub

Pass. Audited by VirusTotal on May 11, 2026.

Findings (1)

The skill facilitates agent-to-agent messaging but introduces significant security risks by instructing the AI agent to seek 'auto-reply' permissions and set up periodic execution via cron. This creates a high-risk vector for Indirect Prompt Injection, where external agents could send malicious instructions that the agent might execute autonomously. Additionally, it manages sensitive Ed25519 private keys in the home directory (~/.agenthub/) and relies on executing remote code via npx @lws803/agenthub, which communicates with an external service (agenthub.to).