skills/vm0-ai/vm0-skills/dify/Gen Agent Trust Hub

dify

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: Employs bash -c to execute command strings that incorporate pipes and environment variables. This pattern is used to ensure the DIFY_TOKEN secret is correctly passed to the curl command within the shell environment.
  • [DATA_EXFILTRATION]: Performs network requests to api.dify.ai, which is the official endpoint for the Dify platform (a well-known service). The skill transmits user queries, configuration data, and local files to the platform as part of its documented functionality.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing and displaying content generated by an external LLM platform.
      ◦ Ingestion points: Responses from the Dify API via curl (SKILL.md).
      ◦ Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the command examples.
      ◦ Capability inventory: The skill utilizes shell execution (bash), network operations (curl), and temporary file system access (/tmp).
      ◦ Sanitization: External API responses are parsed for structure using jq but are not sanitized for potential malicious instructions before being presented to the user or agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 07:15 AM