docker-compose
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches base configuration files (docker-compose.yml, .env.example) and Nginx deployment files from the official Phase Console GitHub repository owned by the vendor (phasehq).
- [COMMAND_EXECUTION]: Executes system commands to check for Docker environment readiness and to perform network diagnostics using dig and curl against well-known DNS resolvers.
- [COMMAND_EXECUTION]: Manages application lifecycle and service configuration using docker compose for building and running containers.
- [COMMAND_EXECUTION]: Installs a persistence mechanism via crontab to ensure automated Let's Encrypt certificate renewal, which is a standard procedure for the described task.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection. Untrusted user data (domain name and email address) is collected and directly interpolated into shell commands such as dig, docker compose run, and crontab without explicit sanitization or boundary markers.
  - Ingestion points: Collection of domain and email in Phase 2 and Phase 3.
  - Boundary markers: Absent in command construction.
  - Capability inventory: Shell command execution (dig, docker, crontab).
  - Sanitization: Not explicitly performed on user-provided strings.
- [CREDENTIALS_UNSAFE]: Instructions prompt the user to paste an Enterprise license key directly into the chat. Although the skill claims this is not a secret, license keys are typically sensitive credentials that should be protected.
- [CREDENTIALS_UNSAFE]: Correctly handles most cryptographic secrets and database passwords by generating them locally using openssl in a configuration script rather than requesting them from the user.
Audit Metadata