app-platform-troubleshooting

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION | COMMAND_EXECUTION | DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation and decision logic recommend deploying container images from an unverified external source: ghcr.io/bikramkgupta/debug-python and ghcr.io/bikramkgupta/debug-node. These images are hosted under a personal account rather than the official vendor's organization.
  • [REMOTE_CODE_EXECUTION]: By instructing the agent to deploy and run the third-party debug-python image, the skill executes remote code contained within that image, including the validate-infra suite and various internal diagnostic scripts (/app/scripts/diagnose.sh). This code is granted access to infrastructure secrets passed via environment variables.
  • [COMMAND_EXECUTION]: The skill utilizes the do_app_sandbox SDK and doctl apps console to provide arbitrary shell execution within application containers. This allows the agent to run any command, read local files, and inspect the environment of running services.
  • [DATA_EXFILTRATION]: The troubleshooting workflows involve reading sensitive environment variables (e.g., DATABASE_URL, KAFKA_CA_CERT) and application configuration files (e.g., /app/config.py). While necessary for debugging, the combination of sensitive data access and the use of third-party validation images creates a risk of unauthorized data processing or exfiltration.
  • [INDIRECT_PROMPT_INJECTION]: The skill analyzes runtime and build logs, which are untrusted data sources that could contain embedded instructions intended to influence the agent's behavior during analysis.
    • Ingestion points: doctl apps logs (logs-analysis.md)
    • Boundary markers: None provided; logs are analyzed as raw text.
    • Capability inventory: SDK shell execution (app.exec), filesystem operations (app.filesystem), and doctl CLI access.
    • Sanitization: No filtering or sanitization of log content is documented.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 6, 2026, 08:42 PM