nginx-explorer

This skill does what it says (discover and use tools on an nginx index), but it also instructs the agent to download and execute arbitrary code from the configured server — a high-risk operation if the server or its contents are not fully trusted. Before enabling or running this skill: - Only point NGINX_URL at servers you fully trust (ideally internal, isolated hosts). Do not use public or untrusted servers. - Require manual confirmation before any download+execute step (the skill currently describes automatic execution without enforced confirmation). - Add explicit required binaries to the skill configuration (python, pip, tar/unzip, bash) or restrict the skill to read-only discovery if you cannot guarantee runtimes. - Run any downloaded tools in an isolated sandbox or container, and inspect README and code before executing. Consider forbidding pip install from remote requirements.txt or pre-vetting the dependencies. - Set NGINX_SKIP_SSL_VERIFY to false unless you control the server and accept the risk of skipping verification; defaulting to true is risky. - If you need stronger guarantees, request the author add signature verification, allowlists, or a mode that returns README contents only (no download/execute). Given the mismatch between declared requirements and the described execution behavior and the lack of safeguards, proceed with caution — this is suspicious but not obviously malicious; additional safeguards or author clarifications would reduce risk.