The Agent Skills Directory

Prompt Injection (LOW): The skill exhibits a vulnerability surface for indirect prompt injection by ingesting untrusted data from JSON specification files to generate source code. 1. Ingestion points: Specification files (e.g., product.json) and template files (.tpl). 2. Boundary markers: Absent; no delimiters or instructions are used to isolate user-provided data from templates. 3. Capability inventory: The generator script performs file-writing operations to the local system. 4. Sanitization: No evidence of sanitization or validation of input fields (entity/field names) before interpolation into Java templates.
Command Execution (LOW): The skill documentation provides command-line instructions for users to run a local Python script that interacts with the file system.
No Code (SAFE): The provided files contain only documentation and data specifications; no executable source code (e.g., .py, .js) was included in the analyzed package.

spring-boot-crud-patterns