h100-sglang-diffusion

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of ssh and docker exec to run commands on a remote host (h100_sglang) and inside a container (sglang_bbuf). It includes instructions for passing sensitive tokens like HF_TOKEN directly in command-line arguments, which can expose them to process monitors on the host system.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of local file content and scripts into a remote environment for execution, representing an indirect prompt injection surface.
    • Ingestion points: Local directory contents streamed via tar into /tmp/sglang_local_validate and local scripts piped to python via docker exec -i (SKILL.md).
    • Capability inventory: The environment allows remote command execution, file manipulation, and model serving via ssh, docker exec, python, and pytest.
    • Boundary markers: No delimiters or instruction-ignore markers are specified for the transferred content.
    • Sanitization: No validation or sanitization of the transferred local code is performed before execution.
  • [EXTERNAL_DOWNLOADS]: The skill references the lmsysorg/sglang:dev Docker image and assumes a pre-existing clone of the SGLang repository on the remote host.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 03:34 PM