The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill's documentation and connection test logic refer to a setup script at https://elastic.co/start-local, which is an official domain owned by the vendor (Elastic). This script is used to simplify the deployment of local development environments.
[COMMAND_EXECUTION]: Instructions in SKILL.md suggest using a shell pipe (curl | sh) to execute the environment setup script provided by the vendor.
[REMOTE_CODE_EXECUTION]: The scripts/ingest.js file utilizes dynamic import() and require() calls to load transformation logic from a file path specified by the user via the --transform flag. This allows for the execution of arbitrary local code as part of the data ingestion pipeline, which is a core functional requirement of the skill.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. 1. Ingestion points: Data enters via files, standard input, or source indices in scripts/ingest.js. 2. Boundary markers: No specific markers or delimiters are present to separate data from instructions. 3. Capability inventory: The skill can perform network requests to Elasticsearch and execute arbitrary JavaScript. 4. Sanitization: Data is processed as-is without filtering for embedded instructions. This is a common surface for data ingestion tools but remains at a safe level here.

elasticsearch-file-ingest