1 link tagged with all of: agent-skills + prompt-injection + pypi-worm
Links
Trail of Bits crafted four malicious agent skills that bypass Cisco, Vercel, and ClawHub scanners by padding code or embedding payloads in docx and bytecode. The article shows how Siri-AI’s integration with private cloud compute and search can expose messages, emails, and calendars through prompt injection. It also covers a PyPI worm that auto-executes a hades-setup.pth hook to steal cloud and GitHub tokens, urging audits and immediate token rotation.
Tags: agent-skills, prompt-injection, siri-ai, pypi-worm, token-theft, tldr-a-byte-sized-daily-tech-newsletter