linux-hardening

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The script scripts/harden-system.sh uses the eval command inside the apply_change function (line 21) to execute shell commands. Although the commands currently passed to it are static strings within the script, using eval to execute dynamically constructed strings is a risky execution pattern.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection.
      1. Ingestion points: scripts/audit-system.sh (lines 35-90) reads contents from /etc/passwd, /etc/shadow, and various SSH config files to perform security checks.
      2. Boundary markers: No delimiters or warnings are used to prevent the agent from interpreting instructions if those system files were maliciously modified by a local attacker.
      3. Capability inventory: scripts/harden-system.sh has the capability to write to the filesystem, install/remove packages, and modify firewall rules.
      4. Sanitization: There is no evidence of sanitization or validation of the ingested system data before processing.
  • COMMAND_EXECUTION (SAFE): The skill executes high-privilege commands like chmod, apt-get, and ufw. These operations are consistent with the primary purpose of system hardening and CIS benchmark compliance.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:48 PM