NYC

incident-response

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The Python script scripts/generate-incident-report.py is vulnerable to path traversal. The title and output_dir parameters are not sanitized, allowing an attacker to write files to arbitrary locations such as /etc/cron.d/ or ~/.bashrc via manipulated agent inputs.
  • [PROMPT_INJECTION] (HIGH): The skill's log-fetching functionality (fetch-logs.sh) creates an indirect prompt injection vector. Malicious content within application logs can override the AI agent's instructions when it processes those logs for analysis.
  • [COMMAND_EXECUTION] (HIGH): Bash scripts fetch-logs.sh and health-check-all-services.sh interpolate user-provided arguments directly into Docker and curl commands. This lack of rigorous sanitization poses a high risk of command injection on the host system, especially given the high privileges often associated with Docker access.
  • [DATA_EXPOSURE] (MEDIUM): Collected logs containing potentially sensitive information are stored unencrypted in local directories without proper access controls or lifecycle management.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 02:42 AM