bkend-storage

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation references the @bkend/mcp-server package to be run via npx. This is a standard integration method for the vendor's Model Context Protocol (MCP) server used to extend agent capabilities.
  • [CREDENTIALS_UNSAFE]: The skill mentions sensitive configuration parameters such as BKEND_API_KEY and access_token. It uses placeholders for these values and follows security best practices by recommending the use of environment variable files (.env.local) for secret management.
  • [PROMPT_INJECTION]: The skill describes patterns for handling untrusted data via file uploads. While this creates a surface for indirect prompt injection (Category 8), the documentation includes robust client-side validation examples for file types and sizes to mitigate common risks.
      • Ingestion points: File input fields in the ImageUpload component and uploadFile functions.
      • Boundary markers: Not applicable, as the content is technical documentation for developers rather than direct agent instructions.
      • Capability inventory: The code snippets utilize fetch for network operations to api.bkend.ai and localStorage for token management.
      • Sanitization: The validateFile function demonstrates type and size validation before processing uploads.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 07:25 PM