The Agent Skills Directory

[COMMAND_EXECUTION]: The documentation in SKILL.md provides instructions for executing powerful commands using tools like sqlmap, specifically highlighting the use of the --os-shell flag to attempt remote command execution on the target host through database vulnerabilities.
[EXTERNAL_DOWNLOADS]: The utility script scripts/agent.py requires the third-party requests library to be installed from an external package registry (e.g., PyPI).
[DATA_EXFILTRATION]: The agent.py script initiates network requests (GET and POST) to arbitrary, user-defined URLs to deliver SQL injection payloads and retrieve data from the target system's database responses.
[SAFE]: The Python script explicitly disables SSL certificate verification by setting verify=False in its HTTP requests. While this is insecure for production environments, it is a documented practice for penetration testing tools to allow traffic interception through security proxies.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external web server responses in scripts/agent.py. The script reads the response body to identify database error patterns and includes these snippets in a generated JSON report. This creates a surface where malicious instructions embedded in a target's response could potentially influence the agent when it interprets the assessment results. (Ingestion points: scripts/agent.py response processing; Boundary markers: None; Capability inventory: Network requests and local file writing; Sanitization: None).

exploiting-sql-injection-vulnerabilities