skills/pulumi/agent-skills/pulumi-esc/Gen Agent Trust Hub

pulumi-esc

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill exhibits a vulnerability surface where untrusted instructions from external documentation could potentially influence agent behavior.
      • Ingestion points: The web-fetch tool is used to ingest content from several https://www.pulumi.com/ documentation URLs.
      • Boundary markers: Absent; there are no instructions to the agent to delimit or treat the fetched content as potentially unsafe.
      • Capability inventory: The skill utilizes pulumi env run for shell command execution and call_pulumi_cloud_api() for cloud management operations.
      • Sanitization: Absent; the agent is instructed to use the fetched documentation directly to generate configurations and guide the user.
  • External Downloads (LOW): The skill triggers the retrieval of data from https://www.pulumi.com/. While this is the official documentation for the tool being managed, the domain is not included in the predefined trusted external sources list.
  • Command Execution (SAFE): The skill provides legitimate instructions for using the Pulumi CLI and managing ESC environments. The pulumi env run command is used for its primary intended purpose of running processes with injected environment variables.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 03:29 PM