The Agent Skills Directory

[Privilege Escalation] (MEDIUM): The skill requests Bash tool access for a task (sending webhooks) that should be handled by a more restricted tool. This violates the principle of least privilege as shell access is not necessary for making HTTP requests.\n- [Indirect Prompt Injection] (MEDIUM): The skill is designed to process data and send it to an external URL but provides no boundary markers or sanitization instructions. An attacker could potentially inject malicious shell characters if the agent uses Bash to construct the webhook request. Evidence Chain: 1. Ingestion point: User-provided message content. 2. Boundary markers: None present. 3. Capability inventory: Bash, Write. 4. Sanitization: None defined in instructions.\n- [Dynamic Execution] (LOW): As a 'No Code' skill that relies on Bash, the skill necessitates that the LLM generate and execute code at runtime to fulfill its purpose. This increases the risk of unsafe command construction compared to using a predefined, hardened script.

teams-webhook-sender