operon-fs-execs

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill enables the execution of arbitrary shell commands on remote nodes via the operon exec run and operon exec session commands, supporting both detached and interactive terminal sessions.
  • [COMMAND_EXECUTION]: The skill provides complete filesystem management capabilities on remote nodes using operon fs, which allows the agent to read, write, copy, delete, and mount filesystems.
  • [PROMPT_INJECTION]: Ingestion points: The agent reads content from remote files (operon fs read) and command output logs (operon exec logs) in SKILL.md. Boundary markers: None are defined in the instructions for isolating this external data. Capability inventory: The skill provides extensive remote execution and filesystem access across all scripts. Sanitization: No sanitization or validation of the ingested data is described. This combination identifies an attack surface for indirect prompt injection if remote content contains malicious instructions.
  • [SAFE]: The instructions implement safety guardrails by explicitly requiring the agent to obtain user confirmation before performing destructive filesystem operations (such as overwriting, removing, or truncating files) and by recommending the use of the audit show command to verify system changes.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 03:00 PM