The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill's documentation and prerequisites recommend installing third-party tools nosqlmap and nosqli via pip and git clone. These repositories (codingo/NoSQLMap, Charlie-belmer/nosqli) are not part of the established trusted vendors list.
[REMOTE_CODE_EXECUTION]: The exploitation workflow in SKILL.md (Step 5) involves cloning an external repository and immediately running its installation script (python setup.py install), which executes code from a remote, unverified source.
[COMMAND_EXECUTION]: The skill provides Python scripts (scripts/agent.py and scripts/process.py) and command-line examples using curl that perform active network requests and injection attempts against external URLs provided by the user.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes responses from untrusted external targets without sufficient sanitization.
Ingestion points: HTTP response bodies read via requests.get and requests.post in scripts/agent.py and scripts/process.py.
Boundary markers: None identified in the processing logic.
Capability inventory: Network access via requests and file write access via open() in reporting functions.
Sanitization: Minimal escaping is performed only for regex special characters in scripts/process.py.

exploiting-nosql-injection-vulnerabilities