The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill references several external resources for system configuration and tooling, including official NixOS channels, Nix-community repositories (home-manager, disko, nixos-anywhere), and established ecosystem projects (Determinate Systems, Lix, sops-nix, agenix). These references target well-known organizations and are documented as standard components for declarative system administration.
[COMMAND_EXECUTION]: The workflow requires executing administrative commands such as nixos-rebuild, nix-channel, and sudo operations to manage system state and generations. This is consistent with the primary purpose of a NixOS administration skill and is necessary for its functionality.
[DATA_EXFILTRATION]: The skill includes commands to gather system metadata (e.g., nixos-version, uname, nix config show) and inspect system logs (journalctl). These operations are used exclusively for troubleshooting and system auditing; no unauthorized external transmission of sensitive data was detected.
[INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it ingests untrusted data from system logs (journalctl) and external configuration files without explicit boundary markers or sanitization. However, this is a standard risk for diagnostic tools and is mitigated by the agent's internal safety guardrails.
Ingestion points: System logs accessed via journalctl and configuration files read via cat or nix config show (SKILL.md, Workflow).
Boundary markers: Not present.
Capability inventory: The skill utilizes powerful system commands including nixos-rebuild, nix-channel, and sudo (SKILL.md, references).
Sanitization: Not present.
[CREDENTIALS_UNSAFE]: The skill demonstrates high security awareness regarding credentials, explicitly instructing against hardcoding secrets in the Nix store and providing detailed guides for using encrypted secrets management tools (references/secrets-sops-and-agenix.md).

nixos-btw