burpsuite-project-parser
Warn
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the manual installation of a third-party Burp Suite extension (JAR file) from an untrusted GitHub repository (BuffaloWill/burpsuite-project-file-parser). This external code is then executed by the agent to perform project parsing.
- [COMMAND_EXECUTION]: The skill uses a Bash wrapper script (burp-search.sh) to execute Java commands. It passes user-provided regex patterns and sub-component filters as command-line arguments, which could lead to shell injection if the underlying script does not properly sanitize these inputs.
- [DATA_EXFILTRATION]: The skill is explicitly designed to extract sensitive information from Burp project files, including HTTP headers, response bodies, and security audit findings. It provides instructions for locating sensitive data such as 'passwords' or 'server signatures', which are then brought into the agent's context window.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It processes untrusted data from Burp project files (captured HTTP traffic).
- Ingestion points: Burp project files (.burp) containing captured HTTP requests and responses (referenced in SKILL.md).
- Boundary markers: No natural language boundary markers or safety instructions are used to delimit the captured data from the agent's instructions.
- Capability inventory: Access to the Bash tool and file system via the Read tool (referenced in SKILL.md).
- Sanitization: The skill employs size-based sanitization (truncating output to 50KB and bodies to 1000 characters using jq), but it does not perform semantic sanitization or filtering of the captured content to prevent embedded instructions from influencing the agent.