foundry-agent-sync
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill provides script templates that acquire an Azure access token for the https://ai.azure.com/ resource and transmit it to a user-provided project endpoint via a POST request. If the endpoint is malicious or incorrectly specified, sensitive authentication tokens could be exposed to third parties.
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface by reading agent instructions from local JSON manifest files and interpolating them directly into API payloads used to configure agent behavior.
  1. Ingestion points: foundry-agents.json, .foundry/agents.json, and infra/foundry-agents.json.
  2. Boundary markers: No delimiters or ignore-instruction warnings are included in the generated prompt payloads.
  3. Capability inventory: The skill uses PowerShell Invoke-RestMethod and Bash curl commands to perform POST operations that update agent instructions in the cloud service.
  4. Sanitization: The manifest content is parsed and transmitted without validation or sanitization.
- [COMMAND_EXECUTION]: The skill requires the execution of PowerShell and Bash scripts that interact with the Azure CLI (az) and perform network operations for infrastructure-as-code synchronization.