
laravel-i18n

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION] (HIGH): Path Traversal in API Route Template. In references/templates/LocaleRoutes.php.md, the route /api/translations/{locale} directly interpolates the {locale} parameter into a file path: $path = lang_path("{$locale}.json"). Since this parameter is not validated or constrained by a regular expression, an attacker can use directory traversal sequences like ../ to access files outside the intended directory. If the file is valid JSON (e.g., project configuration or dependency manifests), its content is returned in the response.
  • [PROMPT_INJECTION] (LOW): Mandatory use of unverified external agent skills. The SKILL.md file mandates a workflow using TeamCreate to spawn fuse-ai-pilot agents. These agents are not listed in the trusted external sources, posing a risk of untrusted logic execution if those skills are compromised or behave maliciously.
  • [DATA_EXFILTRATION] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted data from URL segments and headers to set the application locale. While some parts of the skill use Enums for validation, the API translation route lacks sanitization, providing an entry point for path-based attacks.
  • Ingestion points: {locale} parameter in the API route (references/templates/LocaleRoutes.php.md).
  • Boundary markers: None present.
  • Capability inventory: Filesystem read via file_get_contents and network response via response()->json().
  • Sanitization: Absent in the vulnerable API route template.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:41 PM