fix-bug
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes external log data from the 'loki-runner' agent to automatically drive database queries, which introduces a potential surface for indirect prompt injection.
  * Ingestion points: Log data retrieved from the 'loki-runner' sub-agent (SKILL.md).
  * Boundary markers: No explicit sanitization or delimiters are defined for parsing table names and IDs from logs in the Stage 2 logic.
  * Capability inventory: Database access via 'mysql-runner', code analysis via 'bug-analyzer', and file modification/git commits via 'git-workflow'.
  * Sanitization: The skill mandates a 'Bug 排查报告' (Bug Investigation Report) that must be manually confirmed by the user before any destructive actions or commits are executed.
- [COMMAND_EXECUTION]: The skill orchestrates the execution of SQL commands and repository operations via sub-agents. It dynamically generates database queries based on information extracted from logs and bug descriptions, and uses the 'git-workflow' skill to perform final code submissions.
- [CREDENTIALS_UNSAFE]: The skill interacts with configuration files that store credentials for database and log systems.
  * Evidence: References to '.claude/mysql-config.json' and '.claude/skills/loki-log-query/environments.json'.
  * Mitigation: The skill includes explicit instructions forbidding the AI from writing passwords or tokens from the conversation into these files, requiring manual user configuration.
Audit Metadata