The Agent Skills Directory

CREDENTIALS_UNSAFE (HIGH): The SKILL.md file contains a table titled 'Test Users' which includes hardcoded cleartext passwords for administrative, receptionist, and volunteer roles. Evidence: user 'admin' with password 'Almanik2025!', 'recepcion' with 'Recep123!', and 'voluntario1' with 'Vol123!'. This represents a critical credential exposure for any system using these defaults.
PROMPT_INJECTION (MEDIUM): The skill documentation describes an indirect prompt injection vulnerability surface where the agent processes untrusted external data. 1. Ingestion points: iCal synchronization URLs ingested via the '/api/ical/sources' endpoint and stored in the 'ical_sources' table; 2. Boundary markers: No markers or 'ignore' instructions are present to delimit external data; 3. Capability inventory: The skill provides logic for managing property reservations, financial calculations, and guest management; 4. Sanitization: There is no documentation regarding the sanitization or escaping of external iCal feed content. This allows an attacker to influence agent reasoning by embedding instructions in synchronized external calendar data.

hostel-os-pms