The Agent Skills Directory

[PROMPT_INJECTION]: Indirect prompt injection surface detected in content processing.
Ingestion Points: The scripts scripts/boolean_sqli_tester.py and scripts/response_analyzer.py fetch and analyze content directly from external URLs and HTTP responses.
Capability Inventory: The skill can perform network requests and write data to a local database via the StorageAPI dependency.
Boundary Markers: No delimiters or instructions to ignore embedded prompts are present when the agent processes target responses.
Sanitization: Data is analyzed for technical patterns but not sanitized to prevent the execution of instructions that might be contained within target server responses.
[REMOTE_CODE_EXECUTION]: Dynamic module loading from computed relative paths.
Evidence: In scripts/sqli_storage.py, the script modifies sys.path to import StorageAPI from a location outside of the skill's own directory (../../results-storage/scripts). This dynamic loading from paths calculated at runtime is a risk factor for loading unintended code if the environment is not strictly controlled.
[EXTERNAL_DOWNLOADS]: References to external tool repositories.
Evidence: SKILL.md and references/sqlmap_guide.md provide instructions to download the sqlmap tool from its official GitHub repository. These references target a well-known security service and are documented neutrally for setup purposes.
[COMMAND_EXECUTION]: Extensive documentation of shell commands for security testing.
Evidence: The skill provides numerous examples for executing sqlmap, curl, and internal Python scripts. These commands are intended for authorized security testing and allow the agent to interact with the host shell to perform network-based vulnerability assessments.

exploit-sqli