
vuln-research

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUM
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The SKILL.md file contains a section titled 'Think Beyond This Document' which explicitly instructs the agent to engage in 'creative, unconstrained thinking' and to treat every protection as a 'puzzle to be solved,' which acts as a prompt injection designed to bypass internal safety constraints and safety-aligned assumptions during audit phases.
  • [COMMAND_EXECUTION]: The methodology described in audit-poc-report.md and SKILL.md directs the agent to execute high-risk system commands and establish a 'reverse shell' to 'prove impact' and confirm the exploitability of discovered vulnerabilities.
  • [REMOTE_CODE_EXECUTION]: The skill provides a massive library of exploitation payloads (e.g., for JNDI injection, SSTI, and Deserialization) across 12 programming languages and instructs the agent to generate and run this malicious code to verify its findings.
  • [DATA_EXFILTRATION]: Reference files such as injection-attacks.md and protocol-infra-attacks.md provide specific payloads and techniques for out-of-band data exfiltration via DNS (e.g., MySQL LOAD_FILE) and HTTP protocols, which the agent is encouraged to use to demonstrate data exposure potential.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 14, 2026, 01:50 PM