ai-monitoring

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a custom wrapper script scripts/tfy-api.sh to interact with the TrueFoundry REST API. This script is well-engineered with security in mind, incorporating validation to prevent path traversal and using a non-evaluating parser for .env files.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it queries AI Gateway request traces that contain data from external interactions (e.g., user prompts, tool calls, and model responses).
    • Ingestion points: Data enters the agent context through the response of the /api/svc/v1/spans/query endpoint (documented in SKILL.md).
    • Boundary markers: The instructions mandate presenting results in structured tables, which reduces the likelihood of the agent accidentally obeying instructions embedded in the traces.
    • Capability inventory: The skill allows execution of bash commands via allowed-tools and network access to the TrueFoundry API via tfy-api.sh.
    • Sanitization: The tfy-api.sh script validates input to ensure API paths are correctly formatted and safe.
  • [REMOTE_CODE_EXECUTION]: The documentation references external resources such as agent_card_url and OpenAPI specifications (spec.url) that are fetched at runtime. The skill explicitly warns that these are untrusted sources and requires user confirmation before use, aligning with best security practices for handling third-party integrations.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 08:05 PM