skills/pilinux/gorest/build-run/Gen Agent Trust Hub

build-run

Warn

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to run multiple shell commands including 'go build', 'go test', 'go run', and 'go mod tidy'. These allow for extensive interaction with the host system and execution of compiled binaries.
  • [EXTERNAL_DOWNLOADS]: Running 'go mod tidy' results in the agent connecting to external Go module registries (such as proxy.golang.org) to download third-party dependencies into the local environment.
  • [REMOTE_CODE_EXECUTION]: The skill executes 'go run main.go' and 'go test', which run code defined in the project being analyzed. Most critically, the command 'source setTestEnv.sh' executes a local script directly in the shell environment, which could be exploited by a malicious repository to run arbitrary commands.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes project files that could contain malicious instructions.
      • Ingestion points: Local project source code and the 'setTestEnv.sh' script.
      • Boundary markers: No isolation or boundary markers are used to separate project data from agent instructions.
      • Capability inventory: The agent has access to full shell execution and the Go toolchain.
      • Sanitization: No sanitization or validation of the sourced script or project files is performed before execution.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 11:34 AM