mid-server

Warn

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides structured templates and instructions for executing PowerShell and SSH commands on remote target hosts using the MID Server as a proxy. These patterns can be used to execute arbitrary commands on internal infrastructure.
  • [REMOTE_CODE_EXECUTION]: The executeMIDScript function facilitates the execution of arbitrary JavaScript code on the MID Server via the JSProbe topic. This allows for runtime code execution in the target environment.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection (Category 8).
      • Ingestion points: The agent processes potentially untrusted data from the ecc_queue (input records) and discovery_sensors (probe results) retrieved via the snow_query_table tool.
      • Boundary markers: There are no explicit delimiters or boundary markers to distinguish between system instructions and data ingested from the ECC queue.
      • Capability inventory: The skill possesses high-impact capabilities including writing to the ECC Queue (triggering remote execution) and executing PowerShell/SSH commands via snow_execute_script_with_output.
      • Sanitization: While basic escapeXML is used for XML parameters, script payloads and command strings are handled without sufficient sanitization to prevent injection if an attacker-controlled input record is processed.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 23, 2026, 08:29 PM