using-message-queues

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): In examples/celery-image-processing/app/routes/upload.py, the upload_image function builds a local file path directly from the client-supplied file.filename attribute of the upload: temp_path = f"/tmp/{file.filename}". That is a path traversal (arbitrary file write) defect: a filename containing ../ segments resolves to a location outside /tmp, so an attacker can create or overwrite any file the application process is permitted to write. What that write is worth to the attacker depends on the process's filesystem permissions and on whatever sandboxing or containerisation surrounds it, which is why the severity is MEDIUM rather than HIGH; the defect itself is a file write, not direct command execution, despite the category label. Remediation: derive the name on the server (a random token plus a vetted extension, or Werkzeug's secure_filename applied to the basename), and confirm the resolved path still lies under the intended upload directory before writing.
  • EXTERNAL_DOWNLOADS (LOW): The skill documentation references several external dependencies and package managers. It suggests installing confluent-kafka, celery, bullmq, and temporal from their standard registries (pip, npm, brew). These are well-known, widely used packages, and fetching them from their official registries is not a threat in this context; the usual supply-chain hygiene (pinned versions and lockfiles) still applies.
  • DATA_EXFILTRATION (SAFE): No hardcoded API keys, tokens, or unauthorized network exfiltration patterns were detected. While the code interacts with AWS S3 and Stripe, it does so using standard patterns and does not expose sensitive credentials.
  • PROMPT_INJECTION (SAFE): No instructions targeting agent behavior override or safety bypass were found in the markdown or code files.
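To make the first finding concrete, here is the flagged pattern beside a hardened replacement. This is an added example, not code from the audited repository: the /tmp base and the image extension allow list are assumptions, and unsafe_temp_path only reproduces the shape of the f-string the audit quotes. The containment check goes beyond the single case in the finding and also catches backslash separators, embedded NUL bytes, and symlinked directories.

```python
import os
import re
import secrets
from pathlib import Path

# Assumed upload base, matching the /tmp prefix the audit quotes. A dedicated
# subdirectory is preferable to bare /tmp on a shared host, but the check
# below works for either.
UPLOAD_DIR = Path("/tmp")
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif", ".webp"}  # assumption
_DISALLOWED = re.compile(r"[^A-Za-z0-9_.-]+")


def unsafe_temp_path(filename: str) -> str:
    """The flagged pattern: the client-controlled name is interpolated as-is."""
    return f"/tmp/{filename}"


def is_contained(candidate, base) -> bool:
    """True if candidate, after normalising '..' and following symlinks, lies
    strictly below base. Non-strict resolve(), so the file need not exist."""
    if "\x00" in str(candidate):
        return False  # never a legitimate path; realpath() would raise on it
    resolved = Path(candidate).resolve()
    base_resolved = Path(base).resolve()
    return base_resolved in resolved.parents


def sanitize_filename(filename: str) -> str:
    """Reduce an untrusted filename to a single safe path component."""
    # Truncate at NUL first, so "shell.php\x00.png" cannot pass as .png and
    # then be cut down to shell.php by a lower layer.
    filename = filename.split("\x00", 1)[0]
    # Drop every directory component; treat '\' as a separator too, since the
    # client may be on Windows.
    leaf = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Allow-list characters rather than trying to enumerate bad ones.
    leaf = _DISALLOWED.sub("_", leaf)
    # No dotfiles; "." and ".." collapse to empty and get the fallback name.
    leaf = leaf.lstrip(".")
    return leaf or "upload"


def safe_temp_path(filename: str, base: Path = UPLOAD_DIR) -> Path:
    """Hardened replacement for f"/tmp/{file.filename}"."""
    leaf = sanitize_filename(filename)
    ext = Path(leaf).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"unsupported upload type {ext!r}")
    # A random per-request prefix means the client name alone never decides
    # the destination, and two uploads named cat.png cannot clobber each other.
    candidate = base / f"{secrets.token_hex(8)}_{leaf}"
    # Defence in depth: even if sanitisation regresses, refuse anything that
    # resolves outside the upload directory.
    if not is_contained(candidate, base):
        raise ValueError("refusing to write outside the upload directory")
    return candidate


def open_exclusive(path: Path) -> int:
    """Create the temp file without following a pre-existing symlink or
    overwriting a file another process dropped into a shared /tmp."""
    return os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)


if __name__ == "__main__":
    # Constructed inputs; the first is the kind of name the finding describes.
    for name in ["../../etc/cron.d/job.png", "cat.png", "shell.php\x00.png", "..", ""]:
        raw = unsafe_temp_path(name)
        print(f"{name!r:32} unsafe={raw!r} contained={is_contained(raw, UPLOAD_DIR)}")
        try:
            print(f"{'':32} safe={safe_temp_path(name)}")
        except ValueError as exc:
            print(f"{'':32} rejected: {exc}")
```

In a Flask route the equivalent one-liner for the sanitisation step is werkzeug.utils.secure_filename(file.filename); the containment check and the exclusive open are still worth keeping, because on a shared /tmp another user can pre-create a symlink at a predictable name and resolve() will follow it, which is exactly the case O_EXCL refuses.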
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:13 PM