The Agent Skills Directory

COMMAND_EXECUTION (LOW): The skill provides the ability to terminate arbitrary processes via terminate_process.py. While the skill includes an IGNORE_PATTERNS list for critical system processes, it encourages 'AUTO_KILL' actions on common developer tools (Next.js, Webpack, etc.) and 'claude', which could lead to unintended service disruption or self-termination of the agent.
DATA_EXPOSURE (LOW): The hunt_processes.py script executes ps -eo pid,pcpu,rss,comm,args to inspect all running processes. This output, including full command-line arguments, is returned to the agent and could expose sensitive information such as API keys, tokens, or file paths used as arguments by other running applications.
INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted data (external process names and command strings). An attacker could theoretically name a process to influence the agent's behavior, though the script's use of strict regex categorization for 'AUTO_KILL' logic significantly mitigates this risk.
Ingestion points: get_processes in scripts/hunt_processes.py reads process command lines from the system.
Boundary markers: None present in the script output to separate process data from agent instructions.
Capability inventory: scripts/terminate_process.py provides the capability to send SIGTERM/SIGKILL signals to any PID.
Sanitization: PIDs are validated as integers, but the decision to terminate is based on regex matching and LLM interpretation of the process list.

process-hunter