The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill provides instructions to download the official Hetzner Cloud CLI binary from the vendor's official GitHub repository (github.com/hetznercloud). This is a well-known service and the resource is maintained by the infrastructure provider.
[COMMAND_EXECUTION]: Instructions include the use of sudo for installing the downloaded binary to /usr/local/bin. This is a standard administrative task for system-wide software installation and is consistent with the skill's purpose.
[DATA_EXFILTRATION]: The skill accesses the user's SSH directory (~/.ssh/) to upload public keys to the cloud provider or reference private keys for SSH connections. This behavior is documented, standard for cloud management, and does not involve sending sensitive data to unauthorized third parties.
[PROMPT_INJECTION]: There is an indirect prompt injection surface as the agent is instructed to interpolate user-provided resource names (e.g., server names, network names) into CLI commands. As these are standard parameters for the intended infrastructure tasks, the risk is negligible within this context.

hetzner-deploy