The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Indirect prompt injection vulnerability surface identified. The skill is designed to ingest and analyze untrusted external data including local logs (hydra-node.log) and peer snapshots (GET /snapshot). In the absence of strict boundary markers or sanitization, malicious content within these data sources could attempt to influence the agent's behavior. * Ingestion points: local logs, peer snapshot endpoints. * Boundary markers: Absent. * Capability inventory: Shell command execution via curl and cardano-cli. * Sanitization: None.\n- [COMMAND_EXECUTION] (SAFE): The skill uses !hydra-node --version as a context probe in the YAML frontmatter. This is a low-risk, standard operation for identifying the software environment.\n- [DATA_EXFILTRATION] (SAFE): No evidence of unauthorized data transfer or credential theft. The skill contains proactive safety instructions to avoid requesting the content of private key files (cardano.sk, hydra.sk), which is a positive security practice.

hydra-head-troubleshooter