The Agent Skills Directory

[COMMAND_EXECUTION]: The skill's configuration in SKILL.md grants broad system access through the Bash(cmd:*) tool, which allows the agent to execute any shell command. While necessary for the skill's infrastructure-related tasks, it represents a significant capability.
[PROMPT_INJECTION]: A surface for indirect prompt injection exists due to the skill's core functionality. Ingestion points: The scripts/instrument_service.py script recursively reads and processes files from user-defined paths. Boundary markers: No specific boundary markers or 'ignore' instructions are implemented in the file processing logic. Capability inventory: The skill is granted access to file manipulation tools and unrestricted bash commands. Sanitization: No validation or sanitization of file contents is performed. This configuration could allow maliciously crafted files in the local environment to influence the agent's behavior if their contents are processed into the agent's context.

setting-up-distributed-tracing