api-filtering-sorting

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: NoSQL Injection (ReDoS) via unvalidated Regex. In SKILL.md, the FilterParser.parseValue function and QueryBuilder.search method directly interpolate user-provided strings into MongoDB $regex operators without escaping or sanitization. Attackers can provide malicious regular expressions to cause catastrophic backtracking, leading to a Denial of Service (DoS) of the database and application.
  • [COMMAND_EXECUTION]: Prototype Pollution in nested object parsing. The FilterParser.setNested method in SKILL.md iteratively assigns properties to an object based on a user-provided path string. This implementation fails to block sensitive keys such as __proto__ or constructor, allowing an attacker to pollute the global object prototype and potentially achieve application-wide manipulation.
  • [COMMAND_EXECUTION]: Insecure Reflection / Attribute Access. In SKILL.md, the Python FilterSpecification.to_sql and list_products route use getattr to dynamically access database model attributes based on user-controlled request parameters. This allows an attacker to filter or sort by internal, sensitive, or hidden fields that should not be exposed through the public API.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill establishes an attack surface by ingesting untrusted data from network request parameters (req.query, req.url, request.args) and using it to drive database queries. While the skill includes a validation helper in Section 6, the core implementation examples bypass these checks, leaving the system vulnerable to input manipulation attacks.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 05:22 PM