detect-anomalies-aiops
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs numerous Python packages from PyPI, including prophet, scikit-learn, tensorflow, and pyod. These are well-known and established libraries for data science and MLOps.
- [COMMAND_EXECUTION]: The skill uses Bash for environment setup and dependency installation. It also uses joblib.load() in aiops/isolation_forest_detector.py to load machine learning models from local paths. This is standard practice, but it is unsafe deserialization: joblib relies on pickle, so a tampered model file can execute arbitrary code when it is loaded.
- [DATA_EXFILTRATION]: The skill communicates with Slack and PagerDuty via webhooks for alerting; these are well-known and documented external services. In aiops/data_loader.py, the Prometheus connection is configured with disable_ssl=True, which is a common but insecure practice that can expose metrics to interception.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
  1. Ingestion points: Data is ingested from Prometheus queries and CSV files in aiops/data_loader.py.
  2. Boundary markers: No markers or 'ignore embedded instructions' warnings are present for the ingested data.
  3. Capability inventory: The skill has Bash access and can perform file write/edit operations as defined in its allowed tools.
  4. Sanitization: No sanitization or validation of the content of the metric or log data is performed before it influences the alerting logic or root cause analysis.
Audit Metadata