The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes untrusted audit logs which can contain malicious instructions embedded by external attackers in HTTP requests. This constitutes an indirect prompt injection surface.
Ingestion points: The scripts/agent.py script reads audit log files containing external request data at line 44.
Boundary markers: The script does not use specific delimiters or instructions to the agent to ignore embedded instructions within the log data.
Capability inventory: The skill possesses file-read and file-write capabilities through the scripts/agent.py script.
Sanitization: Log data such as URIs and rule messages are extracted and reported without sanitization.
[SAFE]: The skill references official documentation and rule sets from the OWASP ModSecurity and Core Rule Set projects, which are well-known and trusted sources.

implementing-web-application-logging-with-modsecurity