knative

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • COMMAND_EXECUTION (HIGH): Unquoted heredoc expansion in scripts/deploy-service.sh. The script uses cat <<EOF (an unquoted heredoc), so the shell expands variables such as ${NAME} and ${IMAGE} inside the heredoc body. If these variables contain command substitutions (e.g., $(whoami)), the report states they will be executed by the shell during heredoc expansion. Additionally, in scripts/traffic-split.sh, variables such as $SERVICE and $NAMESPACE are interpolated into shell commands in a way that permits double-quote breakout.
  • REMOTE_CODE_EXECUTION (HIGH): Execution of remote resources from an untrusted source in scripts/install.sh. The script downloads YAML manifests from github.com/knative and applies them with kubectl apply -f. Because the knative organization is not in the predefined list of trusted organizations, this is classified as executing remote code from an untrusted source.
  • CREDENTIALS_UNSAFE (HIGH): Unauthorized sensitive file access. Multiple scripts construct paths to Kubernetes configuration files (e.g., ~/.kube/aks-rg-hypera-${CLUSTER}-config) from the user-provided $CLUSTER variable. This pattern is susceptible to directory traversal and could expose credentials belonging to other clusters.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill performs several network downloads of configuration manifests without integrity verification (checksums or signatures), which could lead to modified or malicious resources being applied.
Recommendations
  • CRITICAL: Downloads and executes remote code from untrusted source(s): https://github.com/knative/func/releases/latest/download/func_linux_amd64 - DO NOT USE
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 12:38 AM