The Agent Skills Directory

[COMMAND_EXECUTION]: The CodeSandbox class in SKILL.md includes implementation for executing system commands via subprocess.run. This is specifically used to launch Docker containers (docker run) with restricted resources (memory/CPU limits, no network, read-only filesystem) to provide a secure environment for running arbitrary code.
[EXTERNAL_DOWNLOADS]: The skill references the spacy library and the zh_core_web_sm model in the fact verification snippet. Utilizing these would require downloading external packages and pre-trained models from established repositories.
[DATA_EXFILTRATION]: The OutputValidator class contains regex patterns for detecting and redacting sensitive information such as API keys, tokens, internal IP addresses (e.g., 10.x.x.x), and personal data. This is a defensive pattern intended to prevent accidental data exposure.
[PROMPT_INJECTION]: The PromptInjectionDetector class implements regex-based scanning for common prompt injection patterns (e.g., 'ignore previous instructions', 'DAN', 'dev mode'). This is a safety feature designed to protect the agent from adversarial inputs.

ai-agent-security