testing-websocket-api-security

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing data received from external network sources.
    * Ingestion points: The skill uses ws.recv() to receive messages from target WebSocket servers in both SKILL.md and scripts/agent.py.
    * Boundary markers: There are no explicit boundary markers or instructions to the agent to ignore embedded commands within the received data.
    * Capability inventory: The agent script scripts/agent.py has the capability to initiate network connections (websockets.connect) and write files to the local filesystem (json.dump to ./websocket_test).
    * Sanitization: The script performs minimal sanitization by truncating responses to 200 characters (resp[:200]), but does not escape or validate the content.
  • [DATA_EXFILTRATION]: The skill facilitates network communication and local data storage.
    * It performs network operations to user-supplied WebSocket endpoints using the websockets library.
    * It writes automated security reports containing scan results to the local filesystem in the scripts/agent.py file.
  • [COMMAND_EXECUTION]: The skill provides an automation script scripts/agent.py that is intended to be executed in the local environment to perform security assessments, which involves active interaction with network services and system resources.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 09:15 PM