prompt-agent
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads its components and updates from the official prompt-security GitHub repository and the clawsec.prompt.security domain. It includes explicit steps for verifying the integrity of these downloads using SHA-256 checksums and manifest validation.
- [COMMAND_EXECUTION]: Uses system binaries such as curl, jq, unzip, and shasum to perform installation, verify file hashes, and manage its state. It also interacts with the agent's cron system to schedule periodic security audits.
- [PROMPT_INJECTION]: An indirect prompt injection surface (Category 8) exists because the skill scans and processes metadata from other, potentially untrusted skills.
  - Ingestion points: Metadata fields (name, description, author) and configuration files (skill.json) of other installed skills.
  - Boundary markers: The skill uses structured markdown reporting to present findings to the user.
  - Capability inventory: Executes file system reads, network requests for updates, and schedules recurring tasks via the agent's cron tool.
  - Sanitization: Employs jq for structured data parsing and performs specific security checks on downloaded artifacts, such as checking for path traversal characters in zip files.
Audit Metadata