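Intelligently search, recommend, and download free-for-commercial-use fonts from zfont.cn. Supports recursively extracting font packages to pull out TTF, OTF, and TTC files, and provides installation or transfer options.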
Security Analysis
high confidence
The skill's declared purpose (searching and downloading fonts from zfont.cn) matches its instructions and requirements; nothing requested is disproportionate, though the agent can autonomously download and handle files so you should trust the remote site and your agent runtime.
Name/description, declared required binaries (wget, unzip, cp, bash), and the HTTP endpoints (zfont.cn / files.zfont.cn) all align with a font-search-and-download tool. No unrelated credentials, binaries, or config paths are requested.
Instructions stay within the stated task: search via zfont.cn APIs, fetch a download URL, download to /tmp, optionally unzip and deliver files. They do not request unrelated system files or secrets. Note: get_font_download_url specifies a silent (non-interactive) immediate download when a font ID is obtained, which may cause the agent to fetch archives without an extra explicit user confirmation in some flows.
This is an instruction-only skill with no install spec or code to write to disk, which is the lowest-risk install model. All runtime commands are standard system utilities (wget/unzip).
The skill requires no environment variables, no credentials, and no config paths. Network access to zfont.cn/files.zfont.cn is expected and proportional to the purpose.
always is false and the skill does not request system-wide changes. However, disable-model-invocation is false (normal), and the skill's logic includes silent download and automated file sending steps—this gives the skill the ability to autonomously fetch and stage binaries (archives) in /tmp and hand them off via the platform's file-send API, increasing blast radius if the remote content is malicious or if agent autonomy is undesired.
Guidance
This skill appears coherent for downloading fonts from zfont.cn and doesn't request unrelated secrets. Before installing:
1) Confirm you trust zfont.cn/files.zfont.cn (the skill will download and extract archives from that host). Malicious or malformed font files can still be harmful if opened or installed.
2) Consider disabling autonomous invocation or requiring explicit confirmation for downloads if you want to avoid silent fetches.
3) Run the skill in a sandboxed environment (or review downloaded archives) before installing fonts system-wide.
4) Because the skill's source/homepage is unknown, prefer caution: validate the remote endpoints and test with non-sensitive, disposable environments first.
Latest Release
v1.5.3
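zfont-agent-cli 1.5.3
- Improved the guidance users receive after getting a font: after a file is sent, the guidance is now presented as itemized instructions instead of a code block, making it clearer and easier to read
- When sending an archive or font files, the extraction and installation instructions are each formatted as text in a way that better matches user habits
- All other features and interfaces remain unchanged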
Published by @LANMIN-X on ClawHub