The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the sail CLI to perform environment management and API interactions. It executes commands such as sail environment list, sail api get, and sail api post to retrieve status information and perform request cancellations.
[PROMPT_INJECTION]: The skill processes JSON data returned from the SailPoint API. This creates a surface for indirect prompt injection if an attacker can manipulate fields within the SailPoint environment (e.g., identity names or error messages) to include instructions for the AI agent.
Ingestion points: API responses from /v2025/access-request-status and /v2025/public-identities are processed in SKILL.md.
Boundary markers: The skill does not explicitly use delimiters or specialized instructions to isolate the external data from the system prompt.
Capability inventory: The skill has the capability to execute sail api post commands which can modify state (cancel/close requests) based on the processed data.
Sanitization: The skill instructions recommend stripping CLI log metadata before parsing JSON, but do not specify input validation or instruction filtering for the data content.

sailpoint-access-request-investigator