revenue-optimizer

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH (DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The skill instructs the agent to locate and inspect highly sensitive files and credentials to identify service usage for cost analysis.
      • Evidence: SKILL.md contains instructions to "Scan for these cost sources: .env, config/, secrets".
      • Evidence: references/cost-analysis.md provides patterns for reading environment files and searching for credentials such as API_KEY, SECRET, and TOKEN.
  • [COMMAND_EXECUTION]: The skill recommends the use of shell commands to extract sensitive data directly from the project environment.
      • Evidence: references/cost-analysis.md suggests using the command: grep -r "API_KEY\|SECRET\|TOKEN" .env* config/ to find secrets.
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection because it processes untrusted codebase data without isolation or sanitization.
      • Ingestion points: The agent is directed to scan routes, components, and database models for feature discovery as specified in SKILL.md.
      • Boundary markers: None identified; the skill does not provide delimiters or instructions to treat scanned codebase content as data rather than instructions.
      • Capability inventory: The agent has the ability to read arbitrary files and generate implementation code, such as the Stripe integration patterns found in references/stripe.md.
      • Sanitization: Absent; there is no logic to validate or filter the content retrieved from project files during the discovery process.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 15, 2026, 12:38 AM