encrypting-and-decrypting-data

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/generate_key.py utility allows for dynamic generation of shell scripts and explicitly sets their permissions to executable using chmod 0o755. Because the script's content is determined by runtime arguments, this allows an agent or an attacker to execute arbitrary code on the host environment, potentially bypassing constraints defined in the skill's tool configuration.
  • [PROMPT_INJECTION]: The skill is instructed to read and analyze project files and configurations using file-system tools. This exposes the agent to indirect prompt injection, where malicious instructions hidden in the processed files could hijack the agent's logic to perform unauthorized file modifications or command execution.
  • Ingestion points: Codebase files and configuration data accessed via Read, Grep, and Glob tools in SKILL.md instructions.
  • Boundary markers: No delimiters or instructions to treat data as untrusted are present.
  • Capability inventory: The agent possesses capabilities for file writing (Write) and shell command execution (Bash), augmented by the custom script-generation utility in scripts/generate_key.py.
  • Sanitization: No input validation or sanitization processes are implemented for the data read from external files.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 2, 2026, 08:32 AM