performing-penetration-testing

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external URLs (headers and response bodies) and local source code, creating a surface for indirect prompt injection where malicious instructions could be embedded in scanned targets.
  • Ingestion points: URL responses in scripts/security_scanner.py and file contents in scripts/code_security_scanner.py.
  • Boundary markers: The tools output structured findings in Markdown or JSON format to help separate data from instructions.
  • Capability inventory: The agent is granted access to Bash (scoped to specific security tools), Read, Write, and Edit tools.
  • Sanitization: No specific content sanitization or character escaping is performed on the data retrieved from external sources before reporting.
  • [COMMAND_EXECUTION]: The scripts dependency_auditor.py and code_security_scanner.py use subprocess.run to execute legitimate security auditing tools such as npm audit, pip-audit, and bandit. These operations are necessary for the skill's primary function and are appropriately scoped.
  • [EXTERNAL_DOWNLOADS]: The dependency_auditor.py script is designed to automatically install the pip-audit package from the official Python Package Index (PyPI) if it is missing, ensuring that the environment has the necessary tools to perform a dependency audit.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 08:03 PM