payload
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute various administrative shell commands.
  - Evidence: SKILL.md documents the use of curl for API interactions, bun and tsx for script execution, and psql for direct database management.
- [DATA_EXFILTRATION]: The skill handles sensitive configuration data and authentication tokens during operation.
  - Evidence: The documentation describes managing cookies.txt for session-based authentication and uses sensitive environment variables such as DATABASE_URL and PAYLOAD_SECRET.
- [PROMPT_INJECTION]: The skill architecture is susceptible to indirect prompt injection due to the way it processes external data.
  - Ingestion points: Markdown content is ingested from local files or standard input by md_to_lexical.py, and JSON data is retrieved from remote API responses.
  - Boundary markers: Absent. There are no delimiters or instructions provided to ensure the agent ignores potential commands embedded in the processed content.
  - Capability inventory: The agent has permissions to execute shell commands, perform network requests, and modify database records.
  - Sanitization: Absent. No logic is present to sanitize or validate external content before it is converted or committed to the CMS database.
Audit Metadata