generating-docker-compose-files

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/deploy.sh uses the eval command to execute shell strings constructed from arguments such as the compose file path, stack name, and namespace. This pattern is vulnerable to command injection if these arguments contain shell metacharacters or escaped quotes, potentially allowing execution of arbitrary commands during the deployment process.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core workflow involves reading and analyzing untrusted project files to generate configurations.
    • Ingestion points: Instruction 1 in SKILL.md directs the agent to scan existing Dockerfiles and Docker Compose files within the project environment.
    • Boundary markers: Absent; no delimiters or instructions are provided to help the agent distinguish between untrusted file content and its own system instructions.
    • Capability inventory: The skill has broad capabilities, including filesystem modification (Read, Write, Edit) and shell execution via the Bash tool for Docker and Kubernetes orchestration.
    • Sanitization: Absent; the skill lacks mechanisms to validate, escape, or sanitize the content retrieved from project files before it is processed or passed to other tools and scripts.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 08:02 AM