pipes-troubleshooting

Warn

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill directs the agent to access and read .env files and environment variables to verify connection strings and database credentials.
      • Evidence: In SKILL.md, Error Pattern 3 specifically instructs the agent to run cat .env and check for ClickHouse authentication details.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool for a wide range of operations, including process management, container interaction, and file modification.
      • Evidence: Extensive use of ps aux, docker ps, and docker exec commands for investigating runtime issues.
      • Evidence: Provides a complex sed command in SKILL.md (Error Pattern 11) and PATTERNS.md (Issue 6) to perform in-place patching of a script within the user's npm cache (~/.npm/_npx).
  • [REMOTE_CODE_EXECUTION]: The instructions encourage the use of package managers and remote execution tools to resolve dependency issues and generate code.
      • Evidence: Recommends running npm install, bun install, and npx @subsquid/evm-typegen@latest to fix version mismatches and update ABIs.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from log files and error stack traces, which serves as a potential vector for indirect prompt injection.
      • Ingestion points: Error stack traces captured via BashOutput and log files read using the Read tool.
      • Boundary markers: No explicit markers or "ignore instructions" warnings are present for processed data.
      • Capability inventory: The agent has powerful tools including Edit, Bash, and Grep which could be abused if the agent follows instructions hidden in error logs.
      • Sanitization: No sanitization or validation of the ingested log content is performed before processing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 26, 2026, 02:28 AM