vercel-advanced-troubleshooting

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The evidence collection framework in references/evidence-collection-framework.md executes the command kubectl get secret vercel-secrets -o yaml. This retrieves the full, unredacted content of Kubernetes secrets, including sensitive keys and credentials, and stores them in a local file within the debug bundle.
  • [DATA_EXFILTRATION]: The skill's primary workflow involves creating a 'Comprehensive Debug Bundle' that aggregates production logs, system journals, and secret configurations. The instructions in SKILL.md then encourage the user to 'Escalate with Evidence' by submitting this sensitive bundle to an external support portal.
  • [COMMAND_EXECUTION]: The allowed-tools metadata in SKILL.md grants broad permissions for the kubectl and tcpdump binaries using wildcards. This allows the agent to execute any subcommands or flags, including those that perform privileged network traffic interception or administrative cluster operations.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. (1) Ingestion points: Production logs (kubectl logs) and system journals (journalctl) are read in references/evidence-collection-framework.md. (2) Boundary markers: None are present to distinguish between log data and instructions. (3) Capability inventory: The skill has access to powerful tools like Bash, kubectl, and curl. (4) Sanitization: No sanitization or filtering is applied to the ingested log content before it is processed by the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 12, 2026, 12:16 AM