moose-basics

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform system-level operations and execute product-specific CLI commands. This includes managing background processes using nohup and pkill (e.g., pkill -f 'moose dev'), as well as using curl for health checks on the local webserver.
  • [CREDENTIALS_UNSAFE]: Documentation within the skill includes references to default credentials (panda:pandapass) for the local development environment's ClickHouse instance, mentioned to assist the agent in recognizing authentication-related errors in logs.
  • [PROMPT_INJECTION]: The instructions include directives for the agent to ignore specific patterns (such as the deprecated IngestPipeline class) that may exist in its "training memory" or in "scaffolded comments," which functions as a command to override previous instructions or training. Additionally, the skill establishes a surface for indirect prompt injection:
      • Ingestion points: The agent is instructed to read and analyze untrusted data from moose.log and the results of moose query commands.
      • Boundary markers: Absent. The skill does not provide delimiters or instructions for the agent to treat data from these external sources as non-executable text.
      • Capability inventory: The agent has the ability to execute shell commands via Bash and perform file system operations.
      • Sanitization: Absent. No instructions are given to sanitize or validate the content of the logs or database responses before the agent processes or acts upon them.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 12:24 AM