phx-setup-pg

Fail

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/audit_db.exs reads local environment files (e.g., .env) and prints the raw values of sensitive variables like POSTGRES_PASSWORD to the standard output during the audit report generation.
  • [EXTERNAL_DOWNLOADS]: The scripts/audit_db.exs script utilizes Mix.install to fetch and compile external dependencies jason and yaml_elixir from the Hex package registry at runtime.
  • [COMMAND_EXECUTION]: The skill requires the execution of multiple system commands, including elixir for running the audit script, docker compose for managing containers, and mix for Phoenix database tasks.
  • [DATA_EXFILTRATION]: By printing raw passwords to the terminal, the skill exposes sensitive credentials to the agent's output stream, making them accessible in session logs or to the AI agent itself.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection. Ingestion points: Reads config/dev.exs, docker-compose.yml, and .env files via scripts/audit_db.exs. Boundary markers: Absent. Capability inventory: Includes filesystem access, subprocess execution (elixir, docker), and the ability to modify project configuration files. Sanitization: Relies on regular expressions and YAML parsing for data extraction, which may be susceptible to malicious input if the configuration files are from an untrusted source.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 3, 2026, 04:03 PM