slack-incident-workflow

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUM

REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes shell commands using python3 to execute various automation tasks. It relies on the $MCP_CALL variable to perform these actions, which involves spawning subprocesses to handle network diagnostics and incident reporting.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes dynamic script paths determined by environment variables, including $PYATS_MCP_SCRIPT, $SERVICENOW_MCP_SCRIPT, and $GAIT_MCP_SCRIPT. This pattern constitutes dynamic code execution because the specific logic being run is not hardcoded but resolved at runtime from the system environment.
  • [PROMPT_INJECTION]: The skill possesses a vulnerability surface for Indirect Prompt Injection due to its reliance on external Slack data.
      • Ingestion points: The skill retrieves untrusted content from Slack using channels:history and groups:history scopes.
      • Boundary markers: There are no defined delimiters or instructions to help the agent distinguish between administrative commands and the text content of Slack messages being analyzed.
      • Capability inventory: The agent can execute system commands via $MCP_CALL, perform network pings, and interact with external systems like ServiceNow.
      • Sanitization: No input validation or sanitization mechanisms are described for the Slack message history before it is integrated into the agent's workflow.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 6, 2026, 12:32 AM