The Agent Skills Directory

[SAFE]: Credential management is handled through environment variables, and the skill instructions include clear boundaries to prevent the agent from leaking these secrets in output or logs. This mitigates the risk of credential exposure.\n- [COMMAND_EXECUTION]: The scripts/ingest.js tool uses dynamic imports to load transformation logic from local files. This is a core feature of the skill and is confined to the local filesystem.\n- [PROMPT_INJECTION]: The skill ingests data from external files. While this is an attack surface for indirect prompt injection, the data is treated as a raw payload for Elasticsearch and is not interpreted as instructions for the agent, which limits the risk.

elasticsearch-file-ingest