The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to run commands such as kubectl logs for service logs, curl for Prometheus metrics, and amtool for alert history. It also uses the GitHub CLI (gh) to create issues for action items. These operations are standard for incident response and use well-known infrastructure tools.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting untrusted data from external sources. 1. Ingestion points: Data is read from incident-logs.txt, metrics.json, and alerts.json. 2. Boundary markers: The procedure lacks delimiters or specific instructions to the agent to treat this data as untrusted or to ignore embedded instructions. 3. Capability inventory: The skill has access to sensitive tools including Bash, Write, and Edit. 4. Sanitization: No sanitization or validation of the retrieved log/metric content is performed before processing.

conduct-post-mortem