managing-database-tests
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The script 'scripts/generate_test_data.py' contains a 'generate_script' function that constructs a shell script from a template and programmatically sets executable permissions using 'chmod 0o755'. This allows for the generation and subsequent execution of arbitrary shell code.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data to drive its testing logic.
  - Ingestion points: Data is read from '{baseDir}/config/' and schema files in the 'assets/' directory.
  - Boundary markers: No clear delimiters or instructions to disregard embedded commands are used when processing these files.
  - Capability inventory: The skill has access to the 'Bash' tool and can generate executable files, providing a high-impact execution path.
  - Sanitization: There is no evidence of validation or sanitization of the content provided to the generation scripts or bash commands.
- [CREDENTIALS_UNSAFE]: The 'assets/docker-compose.yml' file contains several hardcoded credentials for the test databases, including 'POSTGRES_PASSWORD: test_password', 'MYSQL_ROOT_PASSWORD: root_password', and 'MONGO_INITDB_ROOT_PASSWORD: root_password'.
Audit Metadata