The Agent Skills Directory

[COMMAND_EXECUTION]: The skill performs local command execution for validation purposes. It uses dotnet build --no-restore and python -m py_compile to check the syntax of generated configuration files. Additionally, it utilizes curl to perform manual verification of CORS preflight headers against the local development server.
[DATA_EXPOSURE]: The skill analyzes local configuration files, specifically .env and appsettings.json, to extract existing CORS origin settings. This access is limited to the defined scope of the skill's purpose and does not involve external exfiltration of data.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from the project repository (filenames and configuration content) to determine the appropriate CORS strategy. While this data could be manipulated in a supply-chain attack scenario, the skill's logic is constrained to generating structured configuration code.

ln-773-cors-configurator