Agent Powerups ships instructions, metadata, and helper scripts. The risk surface comes from what an agent can do after loading them.

• Review assets before enabling them.
• Do not trust compatibility claims blindly.
• Do not run install commands or scripts without understanding their effect.
• Give agents least privilege.

This repo should not contain:

• tokens, API keys, or credentials
• machine-specific paths
• internal project names, non-public dataset/table identifiers, or company-specific examples
• personal or customer data
• destructive-only automation
• instructions to bypass security controls

• Hooks may execute code.
• MCP configs may expand tool access.
• Skills may direct an agent to read local files or run commands.
• Install commands can modify the local environment.

More detail: docs/security-model.md

If you find sensitive content or dangerous instructions, please report it privately via GitHub Security Advisories or email the maintainers directly. Do not post sensitive material in public issues.