kapso-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill performs project management and automation tasks by invoking local Node.js scripts via subprocesses (e.g., 'node scripts/update-graph.js'). This pattern creates an attack surface if the AI-generated command-line arguments are not strictly validated.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): The skill provides the ability to create and deploy JavaScript code to remote runtimes ('create-function.js', 'deploy-function.js'). While this is a core feature for automation, it allows the agent to propagate potentially malicious code.
  • [DATA_EXFILTRATION] (LOW): The tool offers extensive database CRUD operations on D1 tables ('query-rows.js', 'create-row.js'). This allows the agent to access and potentially exfiltrate sensitive project data stored in connected databases.
  • [PROMPT_INJECTION] (LOW): The skill has a surface for Indirect Prompt Injection by processing untrusted data from workflow definitions and database records.
      1. Ingestion points: 'get-graph.js', 'query-rows.js'.
      2. Boundary markers: Absent.
      3. Capability inventory: Local script execution and remote function deployment.
      4. Sanitization: None documented in the skill instructions.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:03 PM