detecting-memory-leaks

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/generate_report.py contains a generate_script method that constructs shell scripts from the content argument and explicitly sets executable permissions via chmod 0o755. This enables the creation of arbitrary executable files on the host system based on user or agent-provided input.
  • [PROMPT_INJECTION]: The skill analyzes external code files from {baseDir}/ without implementing boundary markers or instructions to disregard embedded commands, making it susceptible to indirect prompt injection.
    - Ingestion points: Reads source code files for analysis as specified in SKILL.md.
    - Boundary markers: Absent. No delimiters or directives are used to separate untrusted code from instructions.
    - Capability inventory: The skill has access to Bash tools and the ability to generate executable scripts using scripts/generate_report.py.
    - Sanitization: Absent. Content from analyzed files is used directly without validation or filtering.
  • [COMMAND_EXECUTION]: The SKILL.md file defines broad Bash tool permissions using wildcards (profiling:* and memory:*). This expansive access, combined with the ability to generate new executable scripts, provides a significant attack surface if the agent is manipulated.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 11, 2026, 11:24 PM