Scaleway Deployment

Warn

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes subprocess.run across multiple Python scripts (setup.py, deploy.py, provision.py) to execute local CLI tools such as git, gh, terraform, and docker for automated infrastructure management.
  • [COMMAND_EXECUTION]: The server initialization process in SKILL.md and templates/cloud-init.yaml creates a user account with NOPASSWD:ALL sudo permissions, enabling the execution of administrative commands without authentication.
  • [COMMAND_EXECUTION]: The skill interpolates user-provided server names and usernames into shell scripts executed over SSH in SKILL.md and deploy.py, creating a surface for indirect command injection if the inputs contain shell metacharacters.
  • [REMOTE_CODE_EXECUTION]: During the environment setup, the skill downloads and pipes an installation script from the oh-my-zsh GitHub repository to a shell using the curl | sh pattern on the remote server.
  • [CREDENTIALS_UNSAFE]: The setup.py script automatically generates Ed25519 SSH private keys and stores them as GitHub repository secrets to facilitate automated access to provisioned infrastructure.
  • [DATA_EXFILTRATION]: The skill collects Scaleway Access Keys and Secret Keys from the user via prompts and transmits them to GitHub using the gh CLI to be stored as repository secrets for future automated deployments.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 23, 2026, 05:07 PM