portainer-skill

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill directs the agent to execute shell-based curl commands. The use of variables like {container_id} and {action} within these commands poses a risk of command injection if those values are sourced from untrusted or malicious container metadata.
  • DATA_EXFILTRATION (LOW): Accessing container logs (/logs) introduces a data exposure risk, as logs frequently contain sensitive runtime information such as secrets or environment variables which are then ingested into the AI's context.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted data from container logs.
    • Ingestion points: Container logs are ingested through the curl templates defined in SKILL.md.
    • Boundary markers: Absent. No delimiters or instructions are provided to the agent to distinguish log content from system instructions.
    • Capability inventory: The skill possesses the ability to execute shell commands (curl) and modify container states.
    • Sanitization: Absent. The skill lacks mechanisms to sanitize or validate the content of the logs before they are interpreted by the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 19, 2026, 01:42 PM