The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses administrative commands via kubectl to manage production deployments, including modifying environment variables (kubectl set env) to disable or re-enable services during incidents.
[CREDENTIALS_UNSAFE]: Includes a procedure to partially reveal the DOCUMENSO_API_KEY environment variable (echo $DOCUMENSO_API_KEY | head -c 10) for verification purposes, which exposes segments of a sensitive credential.
[DATA_EXFILTRATION]: Accesses potentially sensitive application logs through kubectl logs to diagnose error patterns and verify service health.
[EXTERNAL_DOWNLOADS]: Performs network requests using curl to Documenso's official status page and API endpoints to confirm service availability and test connectivity.
[PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it ingests untrusted data from external logs via kubectl logs. Malicious content embedded in logs could potentially influence agent behavior during analysis.
Ingestion points: Reads output from kubectl logs in references/implementation-guide.md.
Boundary markers: None present for log ingestion.
Capability inventory: Subprocess execution via Bash(kubectl:*) and Bash(curl:*) in SKILL.md.
Sanitization: No specific sanitization or validation of log content is performed before processing.

documenso-incident-runbook