The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the vendor-provided cx CLI and the jq utility to manage alert definitions and query telemetry. Commands are constructed using parameters like alert IDs, names, and JSON payloads.
[DATA_EXFILTRATION]: The skill provides instructions for commands such as cx alerts create --from-file <path> and cx alerts suppression-rules create --from-file <path>. These allow the agent to read local files, which could lead to accidental data exposure if a user provides a sensitive file path or is influenced by a malicious data source.
[PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (IPI) due to its core functionality.
Ingestion points: The agent reads potentially untrusted data from the Coralogix platform, including alert definitions (cx alerts list/get), log entries (cx logs), metrics (cx metrics), and tracing spans (cx spans).
Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the processed telemetry or configuration data.
Capability inventory: The skill has significant capabilities, including the ability to create, modify, and delete alert definitions and suppression rules via the cx CLI.
Sanitization: No evidence of sanitization or validation is present for data retrieved from external telemetry sources before it is interpreted by the agent.

cx-alerts