The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill handles untrusted data in the form of OpenAPI specifications, which could potentially contain malicious instructions aimed at the agent. Ingestion points: The <spec-path> and the content of spec files are ingested during linting and inspection steps. Boundary markers: No specific delimiters or safety instructions are provided to the agent to distinguish between data and commands within the spec files. Capability inventory: The skill utilizes shell commands (speakeasy, yq, jq) which can read and process local files. Sanitization: There are no instructions for validating or sanitizing the input file paths or their contents before execution.

diagnose-generation-failure