Cost Optimization Analyzer

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The DevelopmentCostAnalyzer class in SKILL.md employs subprocess.run with shell=True to execute git commands. This is a security best practice violation as it unnecessarily exposes the application to shell-based vulnerabilities during command execution.
  • [COMMAND_EXECUTION]: The optimize-infrastructure.sh script executes several shell-based monitoring commands (top, free, df) and database operations via psql. The use of environment variables like $DATABASE_URL in shell commands can be risky if the variable contents are not strictly controlled.
  • [EXTERNAL_DOWNLOADS]: The skill documentation recommends installing standard and reputable Python packages including psutil, plotly, streamlit, and redis for system monitoring and data visualization.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its data processing flow:
      • Ingestion points: The skill ingests untrusted git commit messages through the analyze_git_velocity method in SKILL.md.
      • Boundary markers: There are no boundary markers or explicit instructions provided to the agent to disregard potential instructions embedded within the git logs.
      • Capability inventory: The skill possesses significant capabilities including shell execution via subprocess.run and network communication via httpx and aioredis.
      • Sanitization: The implementation parses commit messages using simple string matching without any escaping or structural validation, which could allow malicious commit content to influence agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 05:34 PM