burpsuite-project-parser

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The script is designed to extract data from Burp Suite project files (site maps, proxy history, audit items). These files contain raw HTTP requests and responses from external, untrusted web sources. An attacker can embed malicious instructions within these web pages to influence the AI agent's subsequent reasoning or actions.
  • Ingestion points: The PROJECT_FILE argument in scripts/burp-search.sh points to external .burp files.
  • Boundary markers: None. The script outputs raw JSON-per-line data without delimiters or warnings to the agent.
  • Capability inventory: The script itself only executes Java commands; however, the agent using this skill likely possesses broader capabilities (e.g., writing reports, executing remediation scripts) which the injected content could exploit.
  • Sanitization: None. Data from the project file is passed directly to the output stream.
  • Command/Argument Injection (MEDIUM): The script uses "$@" to pass all additional arguments directly to the java -jar command. While the arguments are quoted to prevent shell word splitting, this allows a user to provide arbitrary CLI flags to the Burp Suite executable. Depending on the version and configuration of Burp, this could lead to loading malicious extensions or altering security configurations.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 08:40 PM