nginx-to-higress-migration

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection surface. It reads untrusted Ingress resources and ConfigMaps from the Kubernetes cluster to drive AI-based analysis and code generation. Specifically, Nginx snippets are used as input for the agent to design and generate Go WASM plugins.
      • Ingestion points: SKILL.md (Phase 1 & 2) uses kubectl get ingress -A -o yaml and kubectl get configmap to ingest data.
      • Boundary markers: Absent; there are no specific instructions to the LLM to ignore potentially malicious instructions embedded within the ingested YAML/snippets.
      • Capability inventory: The skill can execute helm install and kubectl apply, and can build and push Docker images containing generated code.
      • Sanitization: No validation or sanitization of the Ingress snippets is performed before processing.
  • [COMMAND_EXECUTION]: The skill relies heavily on executing system-level commands to modify the environment.
      • Evidence: SKILL.md and associated scripts execute helm install for Higress and Harbor, and kubectl apply for deploying Ingress resources and WASM plugins.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates Go source code for WASM plugins and provides a build environment (scripts/generate-plugin-scaffold.sh) to compile and package this code into OCI images for deployment to the cluster gateway.
  • [EXTERNAL_DOWNLOADS]: The skill downloads software and configurations from external sources.
      • Evidence: Fetches Helm charts from https://higress.io/helm-charts and https://helm.goharbor.io. It also retrieves Go dependencies from github.com/higress-group/* and github.com/tidwall/gjson. These are documented as vendor-approved or well-known project resources.
  • [CREDENTIALS_UNSAFE]: The scripts/install-harbor.sh file contains a default hardcoded password, Harbor12345, for the Harbor registry. While intended for local/test setup, it represents a security risk if used in production without manual override.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 12:46 PM