performing-container-security-scanning-with-trivy

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py interacts with the Trivy binary using subprocess.run with a list of arguments. This approach is a security best practice that prevents shell injection attacks by ensuring user-provided inputs, such as container image names or file paths, are not interpreted by a command shell.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests and processes untrusted data from external container images and configuration files. Malicious content within these artifacts (e.g., a specially crafted package name or CVE description) could attempt to influence the behavior of an AI agent that consumes the resulting scan report.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation and reference files point to official Aqua Security resources, including their primary documentation site and GitHub repositories. These are well-known, trusted sources for cybersecurity tooling and do not represent a security risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 09:38 PM