skills / ggprompts / my-plugins / devops / Gen Agent Trust Hub

devops

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to download the Google Cloud SDK using a direct shell-piped command (curl https://sdk.cloud.google.com | bash). This is a recognized pattern for installing official developer tools from Google, which is a trusted organization.
  • [REMOTE_CODE_EXECUTION]: Automated scans detected the execution of a remote script from google.com. This facilitates the installation of the gcloud CLI tool. As the source is an official vendor domain, this is documented as a standard setup procedure for the platform.
  • [COMMAND_EXECUTION]: The skill provides scripts (cloudflare_deploy.py) that use the subprocess module to execute wrangler CLI commands. This is expected functionality for a deployment automation tool.
  • [DATA_EXFILTRATION]: The .env.example file contains placeholders for sensitive credentials (API tokens, account IDs). No hardcoded secrets were found; the file follows best practices by providing a template for users to populate locally.
  • [PROMPT_INJECTION]: The docker_optimize.py script ingests content from local Dockerfiles to provide optimization suggestions. This creates a surface for indirect prompt injection where a maliciously crafted Dockerfile could attempt to influence agent responses. However, the script only performs static analysis and does not execute the Dockerfile content, posing no direct execution risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 04:33 AM