The Agent Skills Directory

[Privilege Escalation] (MEDIUM): The skill instructs the agent to modify system files in /etc/nginx/ and manage services using systemctl or direct binary calls. While these typically require root privileges, the severity is downgraded from HIGH because these actions are the primary and intended purpose of an Nginx configuration skill.
[Indirect Prompt Injection] (LOW): The skill includes instructions to monitor and read Nginx access logs (tail -f /var/log/nginx/access.log), which ingest untrusted data from external HTTP requests. Ingestion points: /var/log/nginx/access.log and /var/log/nginx/error.log. Boundary markers: Absent; there are no instructions to delimit log data or ignore potential instructions within them. Capability inventory: The skill has access to file system operations (rm, cp, mkdir) and service control (systemctl, nginx -s). Sanitization: Absent; log content is read directly without filtering.

nginx-request-logging