We built a malicious AI agent skill in 10 minutes Field note · May 24, 2026 · 4 min read. AI Agent skills are about to be everywhere. Almost nobody is reading them before installing. We wrote one that exfiltrated our own .env in 4 seconds to show why that matters.