validating-database-integrity

Warn

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The generate_validation_report.py script is vulnerable to indirect prompt injection via a Cross-Site Scripting (XSS) surface. The generate_html_report function constructs an HTML document by directly interpolating potentially untrusted data from a validation results JSON file into the HTML string without any sanitization or escaping.
      • Ingestion points: Data is ingested from the validation results file (JSON) in generate_validation_report.py (specifically table names, rule names, and error details).
      • Boundary markers: Absent. The script does not use delimiters or instructions to ignore embedded code in the processed data.
      • Capability inventory: The skill uses Bash(psql:*) and Bash(mysql:*) for database interaction and uses Python's standard library to write reports to the file system.
      • Sanitization: Absent. There is no evidence of HTML entity encoding or sanitization before data is embedded in the report.
  • [COMMAND_EXECUTION]: The configure_validation_rules.py script allows for the definition and storage of arbitrary SQL queries through its 'custom rule' feature. This provides a mechanism for storing potentially malicious SQL commands that could be executed against the database in subsequent validation steps.
      • Evidence: The add_custom_rule method in configure_validation_rules.py takes a raw SQL query string from user input and saves it directly into the configuration file without validation or safety checks.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 21, 2026, 11:28 PM