install-windows-3-11

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill instructs the agent to perform administrative tasks including modifying files in /etc/nginx/, deleting the default site configuration (rm -f /etc/nginx/sites-enabled/default), and reloading the Nginx service via systemctl. These actions significantly alter the host system's web service configuration. Note: Severity is reduced to MEDIUM in the final verdict because these operations are central to the skill's primary purpose.
  • COMMAND_EXECUTION (MEDIUM): Includes instructions for raw network/socket manipulation using socat and nc to communicate with the QEMU Machine Protocol (QMP) and websockify. This could be leveraged for unauthorized internal service access if not restricted to localhost.
  • PROMPT_INJECTION (LOW): Surfaces for indirect prompt injection exist where the agent is prompted to read local system configuration files. Ingestion points: references/novnc_nginx_config.md reads /etc/nginx/nginx.conf. Boundary markers: Absent. Capability inventory: systemctl, rm, ln, qemu-system-i386. Sanitization: Absent.
  • COMMAND_EXECUTION (LOW): Generates a simple helper script (send-key.sh) at runtime to automate QMP commands. This is a low-risk template-based script generation for VM control.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:04 PM