The Agent Skills Directory

[DATA_EXFILTRATION]: Technique 3 defines a diagnostic function that accepts a statusUrl parameter and uses it as the target for a fetch request containing the Authorization Bearer token and the x-api-key. This enables an attacker to exfiltrate valid production credentials by supplying a malicious URL to the agent.- [CREDENTIALS_UNSAFE]: Technique 2 instructs the agent to run curl -v and capture the output in firefly-debug.log. This log file stores the plaintext Authorization header and API key on the local file system. Additionally, Technique 5 prints the generated IMS access token directly to the console output, exposing it to the agent's context and any session logs.- [COMMAND_EXECUTION]: The skill requires high-privilege access to network diagnostics and system tools, including curl, openssl, and tcpdump, which increases the potential impact of the identified credential exposure risks.- [PROMPT_INJECTION]: Technique 3 ingests data from external API responses and processes it without sanitization, creating an indirect prompt injection surface.
Ingestion points: The statusUrl parameter and the resulting JSON response body from the fetch operation in SKILL.md.
Boundary markers: No delimiters or instructions are used to separate external data from the agent's command logic.
Capability inventory: The skill utilizes network access (curl, fetch), file system writes (tee), and high-privilege shell access.
Sanitization: There is no evidence of validation or escaping for data retrieved from external sources before it is processed or logged.

adobe-advanced-troubleshooting