implementing-identity-governance-with-sailpoint

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/agent.py) designed to be executed locally. It performs data analysis on identity governance datasets using standard libraries like json and argparse.
  • [EXTERNAL_DOWNLOADS]: The agent script contains logic to interact with SailPoint's IdentityNow API via the requests library. These network operations are standard for IAM integration and utilize bearer tokens for authentication as per SailPoint's official developer documentation.
  • [DATA_EXFILTRATION]: There is no evidence of unauthorized data transmission. The script processes input JSON files and writes findings to a local report file (sailpoint_governance_report.json) for user review.
  • [CREDENTIALS_UNSAFE]: No hardcoded API keys, secrets, or passwords were found. The script correctly implements authentication by accepting tokens as function parameters and using them in standard authorization headers.
  • [INDIRECT_PROMPT_INJECTION]: While the script processes external JSON data (e.g., certification campaigns, SOD violations), it does so as a standalone auditing tool. It does not interpolate this data into LLM prompts in a way that could lead to instruction override.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 11:33 PM