byted-skillhub-upload
Warn
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: MEDIUM
Findings: DATA_EXFILTRATION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to read and upload the contents of a specified local path to a remote server. This functionality can be abused to exfiltrate sensitive files or directories (such as SSH keys or system configurations) if the agent is directed to an improper path. The skill also presents a surface for indirect prompt injection: it ingests untrusted data from the local filesystem (ingestion point: the `--path` argument of `upload_to_skillhub.py`) and is able to send that data to a network endpoint (capability inventory: POST request via `urllib`). No boundary markers or content sanitization are present to mitigate the risk posed by malicious file content.
- [CREDENTIALS_UNSAFE]: The Python script transmits the enterprise API key and all uploaded content over an unencrypted HTTP connection (`http://{api_host}/CreateSkill`), leaving the communication open to man-in-the-middle interception.
- [COMMAND_EXECUTION]: The skill runs a Python script that performs filesystem operations (zipping the target path) and outbound network requests.
Audit Metadata