conviso-vuln-assignee-manager

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the conviso CLI to perform operations on the Conviso Platform. It uses a secure command execution pattern in scripts/common.sh that prevents shell injection by handling arguments as an array.
  • [PROMPT_INJECTION]: While the skill handles external data (vulnerability titles and tags) that could be used for indirect prompt injection, it employs several robust mitigation strategies:
    1. Ingestion points: Vulnerability data is ingested from the Conviso API via the CLI in scripts/10_collect_candidates.sh.
    2. Boundary markers: The skill processes data in structured JSON and CSV formats, avoiding direct interpolation into instructions.
    3. Capability inventory: Subprocess execution is limited to the conviso CLI tool.
    4. Sanitization: The skill performs title truncation, numeric validation for IDs, and strict mapping for issue types in multiple scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 01:54 PM