implementing-pci-dss-compliance-controls

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The scripts/agent.py script performs network GET requests to a user-provided --target URL. It transmits an authentication token provided via CLI arguments in the Authorization header. This is a standard functional requirement for an auditing tool but involves sending credentials to an external endpoint.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes and outputs external data without sanitization.
      • Ingestion points: Remote API responses (e.g., /api/v1/compliance) fetched by scripts/agent.py.
      • Boundary markers: Absent; the script prints raw strings from the JSON response directly to the console or an output file.
      • Capability inventory: The script can perform network requests (requests.get) and write to the local file system (json.dump).
      • Sanitization: No validation, escaping, or filtering is applied to the data retrieved from the remote API before it is processed.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 15, 2026, 09:38 PM