generating-orm-code

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The generate_script function in scripts/generate_model.py and scripts/generate_schema.py constructs shell scripts using simple string interpolation. The template content, which is sourced from the --content command-line argument, is embedded directly into a Bash script template without any form of escaping or sanitization.
  • [PRIVILEGE_ESCALATION]: Both generation scripts include a call to file_path.chmod(0o755) after writing the generated Bash script to disk. This explicitly grants execution permissions to the dynamically created file, facilitating the execution of potentially malicious code derived from unsanitized inputs.
  • [INDIRECT_PROMPT_INJECTION]: The skill architecture is vulnerable to indirect prompt injection because it processes external data for code generation.
      • Ingestion points: Input strings passed to the --content and --title arguments in the generation scripts (derived from user model definitions or database schemas).
      • Boundary markers: None. Input content is directly interpolated into generated markdown and shell script templates.
      • Capability inventory: The agent is authorized to use Bash tools for PostgreSQL, MySQL, and MongoDB, and has the ability to write and edit files on the system.
      • Sanitization: There is no logic present in the Python scripts to validate, sanitize, or escape the content before it is converted into an executable script.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 12:26 AM