The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes bash commands for diagnostics and service management, including HTTP POST requests to localhost:8080 to modify administrative settings like rate limits and circuit breakers during an incident.
[CREDENTIALS_UNSAFE]: Scenario 4 instructions include a command to echo the first 20 characters of the $GAMMA_API_KEY environment variable to the terminal for verification. This practice leads to partial credential exposure in the agent's output and session logs.
[PROMPT_INJECTION]: The skill uses grep to process and analyze data from application logs in /var/log/app/gamma-*.log. Since log content can be influenced by external requests, this represents a surface for indirect prompt injection. 1. Ingestion points: Application log files. 2. Boundary markers: None present. 3. Capability inventory: Bash, Write, and Edit permissions across the skill scripts. 4. Sanitization: No sanitization is performed on the log data before processing.

gamma-incident-runbook