solr-opensearch-migration-advisor

Warn

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The session management logic in scripts/storage.py is vulnerable to path traversal. The session_id parameter is used directly in os.path.join to construct file paths (e.g., sessions/<session_id>.json) for reading and writing data without sanitization. This could be exploited to manipulate files outside the intended directory.
  • [DATA_EXFILTRATION]: Due to the path traversal vulnerability in the storage backend, there is a risk of unauthorized reading of local JSON files. Additionally, the skill transmits user queries to an external AWS service (https://knowledge-mcp.global.api.aws) to fetch documentation. While this is a feature of the skill, it represents a data transmission to a remote endpoint.
  • [REMOTE_CODE_EXECUTION]: The Dockerfile configuration in setup/docker/claude/ performs a remote download and piped execution (curl | bash) of an installation script from https://claude.ai/install.sh. This pattern is an identified security risk, although the source is a trusted service provider.
  • [EXTERNAL_DOWNLOADS]: The skill references several external resources and APIs, including the AWS Knowledge MCP Server and Anthropic's Claude installation script. All identified external connections are directed at well-known, trusted organizations.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 27, 2026, 01:55 PM