MCP Integration

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides templates for the 'stdio' MCP server type, which involves executing local commands and scripts. Documentation includes security best practices such as using absolute paths and avoiding the execution of user-controlled strings.
  • [EXTERNAL_DOWNLOADS]: The documentation includes examples that use npx to download and execute official MCP packages (e.g., @modelcontextprotocol/server-filesystem). These references target a well-known service associated with the protocol.
  • [PROMPT_INJECTION]: The skill facilitates Indirect Prompt Injection by providing patterns for autonomous agents that ingest and process data from external MCP tools (such as database query results). This creates a surface where malicious instructions embedded in external data could influence agent behavior. (1) Ingestion points: Data returned from MCP tools (e.g., mcp__plugin_db_server__query) as described in references/tool-usage.md. (2) Boundary markers: The provided agent examples do not explicitly demonstrate the use of delimiters or 'ignore' instructions for processed data. (3) Capability inventory: MCP tools can perform a wide range of actions including file system access, network requests, and subprocess execution. (4) Sanitization: No specific sanitization or validation logic is detailed for handling the content returned by MCP tools before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 07:31 PM