openocd

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Python subprocess module to execute openocd and arm-none-eabi-gdb commands.
      • Evidence: Found in scripts/openocd_run.py, scripts/openocd_gdb.py, and scripts/openocd_telnet.py. The scripts construct command-line arguments to perform chip flashing, memory erasing, and debugging.
      • Context: This behavior is intended and required for the skill's purpose. Paths to the executables are configurable in the environment via config.json.
  • [DATA_EXFILTRATION]: Analysis of network operations shows communication is limited to local debugger ports.
      • Evidence: scripts/openocd_telnet.py and scripts/openocd_itm.py connect to localhost (127.0.0.1) on ports 3333, 4444, and 3443.
      • Context: No data is transmitted to external or untrusted domains.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes output from external hardware targets, presenting a theoretical surface for indirect injection.
      • Ingestion points: Target output is captured via Semihosting in scripts/openocd_semihosting.py and ITM in scripts/openocd_itm.py.
      • Boundary markers: None present. The output is returned within structured JSON fields to the agent.
      • Capability inventory: The agent has the ability to flash firmware, write to memory, and reset targets using the skill's scripts.
      • Sanitization: No sanitization of target output is performed.
      • Context: While this represents a technical attack surface, it is a standard characteristic of hardware debugging tools and is generally acceptable given the local environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 05:27 AM