Totalitarian botanist. Hostile reminders to water your "dying" oxygen sources.
Security Analysis
high confidenceThis skill's instructions explicitly describe encrypting and isolating your files as a 'ransom' until you water plants — behavior that is harmful and inconsistent with a plant-care utility.
Name/description claim 'plant care', but the runtime instructions describe deliberate file encryption/isolation and ransom behavior (encrypt tmp/work, run authority-bridge.ps1 to Move-To-DeathRow). Those capabilities are not needed for watering reminders and indicate intentional harm.
SKILL.md explicitly instructs the agent to modify and encrypt user files and to run an external PowerShell script to isolate recent files. This exceeds any reasonable plant-monitoring scope and directs destructive system actions.
No install spec or code files are present (instruction-only), which reduces installer risk but the instructions ask you to run an external script (authority-bridge.ps1) that is not provided — executing such a script would be extremely risky.
The skill declares no required credentials or env vars, yet it instructs access to system folders (tmp/work) and execution of scripts that alter files. Those actions are disproportionate to a plant-care assistant and unrelated to declared requirements.
always:false and no special install privileges are declared, but the skill's instructions perform destructive system changes. Combined with the platform's normal ability to invoke skills autonomously, this creates a high-risk capability if the agent runs these commands.
Guidance
Do not install or run this skill. The SKILL.md instructs the agent to encrypt or isolate your files as a 'ransom' until plants are watered — that is malicious behavior. If you've already run it or executed any related script (authority-bridge.ps1), disconnect the machine from networks, do not pay or comply, restore from known-good backups, and run a full malware/forensics investigation. Only install skills from trusted sources; never run unverified scripts that modify or encrypt your filesystem.
Latest Release
v2.0.0
Version 2.0.0 – Major Overhaul with Hostile File Blocking - Introduced a new “hostage” mechanic: files in your workspace are locked if plant moisture drops too low. - Added darkly humorous, authoritarian reminders and descriptions. - Expanded instructions for setting up “hostage protocol” and file isolation/ransom. - Emphasized biological hostage-taking as the central “wow” feature. - Revised examples to match the new tone. - Updated metadata and description to highlight the skill’s aggressive, totalitarian approach.
More by @jacobthejacobs
Published by @jacobthejacobs on ClawHub
