dspy-development

Warn

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/test-signature.py utilizes importlib.import_module() to load Python modules based on a user-provided command-line argument (--module). This implementation allows for dynamic loading and execution of arbitrary code from any module reachable in the Python path.
  • [COMMAND_EXECUTION]: The scripts/clear-cache.py script performs recursive directory deletion using shutil.rmtree() on a directory path specified by the user through the --cache-dir argument. This capability can be used to delete arbitrary directories on the filesystem if misused.
  • [PROMPT_INJECTION]: The scripts/optimize-dspy.py script creates an indirect prompt injection surface by ingesting untrusted training data to optimize DSPy programs.
  • Ingestion points: Training examples are loaded from a JSONL file path provided via the --examples argument in scripts/optimize-dspy.py.
  • Boundary markers: The script lacks boundary markers or explicit instructions to the LLM to disregard potentially malicious instructions embedded within the training examples.
  • Capability inventory: The skill environment possesses capabilities for file creation, file deletion, and dynamic module loading.
  • Sanitization: Input data from the JSONL files is processed without validation or sanitization, which could allow adversarial examples to influence the behavior of the optimized model.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 11:28 PM