The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The script advanced-exa-debug.sh executes kubectl get secret exa-secrets -o yaml, which retrieves sensitive authentication data in base64 format. The naming of the output file as secrets-redacted.yaml is deceptive, as the secret values are not actually stripped or masked.- [DATA_EXFILTRATION]: The skill automates the creation of a comprehensive debug bundle containing network captures (tcpdump), system logs, and cluster configuration. According to the instructions, this bundle is intended to be uploaded to external support portals, facilitating the exfiltration of sensitive production telemetry.- [COMMAND_EXECUTION]: The skill leverages highly privileged tools including kubectl, tcpdump, and journalctl. It performs raw network sniffing on port 443 and reads system-level logs, which requires elevated permissions and provides access to sensitive metadata.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from pod logs and system journals without sanitization or boundary markers. * Ingestion points: kubectl logs, journalctl (SKILL.md) * Boundary markers: Absent * Capability inventory: kubectl, curl, bash (SKILL.md) * Sanitization: Absent

exa-advanced-troubleshooting