Remote Skill Test

The skill facilitates remote command execution and file retrieval via SSH/SCP, which is inherently high-risk. It contains multiple shell injection vulnerabilities in SKILL.md where user-provided variables (e.g., {SKILL_NAME}, {USER}, {HOST}) are interpolated directly into shell commands without sanitization. Furthermore, it explicitly bypasses security prompts using the '--dangerously-skip-permissions' flag and includes prompt-injection-style instructions to the remote agent to 'operate directly without confirmation.' While these behaviors are aligned with the stated purpose of automated remote testing, the combination of shell injection risks and intentional security bypasses warrants a suspicious classification.