The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.run to execute the nslookup command for subdomain enumeration. The implementation uses a list for arguments, which is a secure practice to prevent shell injection.
[EXTERNAL_DOWNLOADS]: The skill and the scripts/agent.py utility perform network requests via the requests library to fetch external resources including Swagger/OpenAPI specifications, JavaScript files, and to probe remote API endpoints.
[DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. The script fetches data from external sources as part of its auditing function, but does not send local sensitive data (like credentials or SSH keys) to remote servers.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes untrusted data from external sources.
Ingestion points: HAR file parsing in SKILL.md, and Swagger spec, JavaScript source, and API endpoint probing in scripts/agent.py.
Boundary markers: No specific boundary markers or 'ignore' instructions are used to separate untrusted data from the agent's logic.
Capability inventory: The skill can execute shell commands (nslookup) and perform network operations (requests.get).
Sanitization: The script relies on JSON parsing and regular expressions without dedicated sanitization of the fetched content.

performing-api-inventory-and-discovery