jetbrains-skill
Warn
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides the `execute_terminal_command` tool, which allows for the execution of arbitrary shell commands within the IDE's integrated terminal. This is a high-risk capability that could be used for system modification or malicious activity if misused. Evidence found in `SKILL.md` and `references/jetbrains-skill.md`.
- [REMOTE_CODE_EXECUTION]: Through the `execute_run_configuration` tool, the agent can trigger the execution of any predefined or dynamic code execution task configured within the JetBrains IDE. Evidence found in `SKILL.md` and `references/jetbrains-skill.md`.
- [DATA_EXFILTRATION]: The skill features tools to read any file within the project scope (`get_file_text_by_path`). When combined with the terminal execution capability, this creates a potential vector for exfiltrating project secrets or source code. Evidence: tool definitions in `references/jetbrains-skill.md`.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from project files.
  1. Ingestion points: `get_file_text_by_path`, `search_in_files_by_text`, and `search_in_files_by_regex`.
  2. Boundary markers: None specified in the instructions for the agent to use when handling file content.
  3. Capability inventory: Terminal execution (`execute_terminal_command`), run configuration execution (`execute_run_configuration`), and file writing (`create_new_file`, `replace_text_in_file`).
  4. Sanitization: No sanitization or validation of the ingested content is described before it enters the agent's context.
Audit Metadata