remediation-specialist
Warn
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is granted high autonomy to execute arbitrary shell commands via the run_command action, specifically for go build and go test operations. It also has permissions to modify personas, configuration, and action handler code.
- [REMOTE_CODE_EXECUTION]: The agent implements a mandatory workflow to modify source code, compile it at runtime, and push changes to a remote repository, which allows for dynamic code generation and execution.
- [PROMPT_INJECTION]: The skill has a significant surface for Indirect Prompt Injection by analyzing untrusted data from other agents' conversation histories and system logs. Malicious instructions in these sources could trigger the agent's high-privilege code modification or command execution actions.
  * Ingestion points: conversation histories and system logs specified in SKILL.md.
  * Boundary markers: None present to delimit external data.
  * Capability inventory: Arbitrary shell command execution, code modification, and git operations.
  * Sanitization: No sanitization of analyzed data is described.
- [DATA_EXFILTRATION]: The agent possesses broad read access to sensitive system information, including all agent conversation histories and system logs, which poses a risk of unauthorized data exposure if compromised by malicious input.
Audit Metadata