networking

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Privilege Escalation] (HIGH): The skill relies heavily on sudo for critical system operations, including modifying firewall rules (iptables, ufw, nft), changing system routing tables (ip route), and altering name resolution (resolvectl, /etc/hosts). While functional for a network engineer role, this provides an agent with the ability to bypass security controls or isolate the host.
  • [Indirect Prompt Injection] (HIGH): This skill is highly susceptible to indirect prompt injection due to its interaction with untrusted external data.
      • Ingestion points: Data enters the context via curl responses, dig DNS records, and nslookup output in SKILL.md.
      • Boundary markers: Absent. There are no instructions or delimiters to help the agent distinguish between tool output and instructions.
      • Capability inventory: Includes high-privilege write operations such as sudo iptables, sudo ufw, sudo ip route add, and docker run in SKILL.md.
      • Sanitization: Absent. The skill does not provide any logic for validating or sanitizing network-sourced strings before they are processed by the agent's reasoning engine.
  • [External Downloads] (MEDIUM): The skill executes docker run --rm curlimages/curl, which triggers a download and execution of an image from a public registry (Docker Hub) at runtime. This introduces a dependency on external, third-party code that is not verified by the skill's own logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 09:18 AM