The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes shell scripts to interact with the PocketBase API and perform system-level operations like backups.\n- Evidence: References to ./skills/pocketbase-operations/scripts/pb_request.sh, pb_healthcheck.sh, pb_api_logs.sh, and the use of tar for backing up /var/lib/pocketbase in SKILL.md.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the interpolation of user-provided data into shell command execution.\n- Ingestion points: Data entering the context includes RECORD_ID and JSON request bodies used in API calls within SKILL.md.\n- Boundary markers: Absent. There are no markers or instructions to treat input as literal data rather than command components.\n- Capability inventory: The skill can execute shell scripts and read system directories (SKILL.md).\n- Sanitization: No sanitization or escaping mechanisms are documented for the interpolated variables.

pocketbase-agent-orchestrator