DevOps & Deployment

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): Hardcoded database credentials in templates. • Evidence: POSTGRES_PASSWORD: postgres and DATABASE_URL=postgresql://postgres:postgres@db:5432/app in templates/docker-compose.yml. • Risk: Defaults from dev templates are routinely copied into staging and production unchanged; a well-known username/password pair on the database service gives anyone who can reach port 5432 full access to the data.
  • [PROMPT_INJECTION] (HIGH): The CI/CD pipeline templates create a high-privilege surface for indirect prompt injection (Category 8). • Ingestion points: templates/github-actions-pipeline.yml pulls untrusted code from external repositories and runs it. • Boundary markers: absent. • Capability inventory: write access to GitHub Container Registry (packages: write) and arbitrary code execution through npm ci and npm test, so whatever the checked-out repository's package scripts and tests do runs on the runner with the workflow's token. • Sanitization: absent; repository content is processed directly in the CI runner.
  • [REMOTE_CODE_EXECUTION] (HIGH): The pipeline executes third-party action code fetched by mutable reference from organizations that are not whitelisted. • Evidence: aquasecurity/trivy-action@master and codecov/codecov-action@v3 in templates/github-actions-pipeline.yml. • Impact: @master is a branch and @v3 is a moving major-version tag, so whoever controls (or compromises) the upstream repository decides what code those references resolve to on the next run, and it executes with the runner's permissions. Pinning to a full commit SHA removes that retargeting path; updates then require an explicit, reviewable change.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): References to multiple external repositories that are not on the Trusted External Sources list. • Evidence: the Aqua Security and Codecov actions cited above.
Recommendations
  • AI detected serious security threats. Remediation indicated by the findings above:
  • Remove the literal credentials from templates/docker-compose.yml; inject POSTGRES_PASSWORD and the password inside DATABASE_URL from the environment or a secrets store, with no working default.
  • Pin every third-party action to a full commit SHA instead of @master or @v3, and restrict uses: references to an approved set of owners.
  • Grant packages: write only to the job that publishes to GHCR, and run npm ci / npm test in a job without write scopes so untrusted repository content cannot reach the registry token.
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 10:25 AM