assisting-with-soc2-audit-preparation

Warn

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/generate_soc2_report.py file contains a generate_script method that writes shell scripts to disk and explicitly grants execution permissions using file_path.chmod(0o755). This dynamic execution pattern is a security risk if the content of the script is derived from unsanitized or untrusted data sources.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its core function of ingesting untrusted external data.
      • Ingestion points: Files such as system logs, IAM policies, and configuration files are read from the file system by evidence_gathering_automation.py and identify_compliance_gaps.py.
      • Boundary markers: No specific delimiters or safety instructions are present to distinguish untrusted file content from system instructions during processing.
      • Capability inventory: The skill possesses significant capabilities, including the ability to write and execute scripts via generate_soc2_report.py and general Bash tool access.
      • Sanitization: The provided script templates do not perform sanitization, escaping, or validation of the ingested data before it is used in report generation or script creation.
  • [SAFE]: No hardcoded credentials, unauthorized network activity, or obfuscation techniques were identified. The external URLs referenced in the skill point to well-known and trusted security and compliance organizations.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 16, 2026, 12:34 PM