The Agent Skills Directory

[COMMAND_EXECUTION]: The jenkins_api.py helper script is vulnerable to Groovy injection. User-provided inputs, such as job_name, are interpolated directly into Groovy script strings (e.g., getItemByFullName("{job_name}")) without sanitization. An attacker can use crafted job names containing closing quotes and braces to execute arbitrary code on the Jenkins server.
[REMOTE_CODE_EXECUTION]: The skill documentation explicitly provides patterns for disabling the Jenkins Groovy sandbox by setting CpsFlowDefinition(script, false). It also provides a code snippet to automatically approve all pending scripts using ScriptApproval.get().approveScript(ps.hash). These instructions actively guide the agent to bypass the primary security controls designed to prevent malicious code execution within Jenkins pipelines.
[CREDENTIALS_UNSAFE]: The init command in scripts/jenkins_api.py accepts the Jenkins API token as a command-line argument (--token). This practice exposes sensitive credentials in the shell's command history (e.g., .bash_history), where they may be accessed by other users or processes on the local machine.
[EXTERNAL_DOWNLOADS]: The script contains a hardcoded network override that resolves jenkins.maxeffort.cn to the IP address 47.100.13.75 to bypass regional compliance restrictions. While identified as a vendor-related resource, hardcoding specific IP addresses and routing logic for remote servers can be used to redirect traffic or target specific infrastructure.

jenkins