skills/ovachiever/droid-tings/fastmcp/Gen Agent Trust Hub

fastmcp

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION] (LOW): The templates/openapi-integration.py file includes a batch_api_request tool that allows the agent to make network requests to arbitrary endpoints. This presents a potential SSRF (Server-Side Request Forgery) risk if the agent is directed to internal or sensitive URLs.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface (Category 8). The skill processes external data from OpenAPI specifications and API responses which could contain malicious instructions.
      - Ingestion points: templates/openapi-integration.py via load_openapi_spec (fetching from OPENAPI_SPEC_URL) and batch_api_request (fetching from user-provided endpoints).
      - Boundary markers: Absent in templates.
      - Capability inventory: Network requests via httpx and dynamic tool generation via FastMCP.from_openapi.
      - Sanitization: No explicit sanitization or validation of the remote content is implemented in the templates.
  • [EXTERNAL_DOWNLOADS] (LOW): The templates/openapi-integration.py script attempts to download a JSON specification from a remote URL defined by the OPENAPI_SPEC_URL environment variable.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:58 PM