odoo-report

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit instructions for environment setup using sudo (e.g., sudo apt-get install wkhtmltopdf) while the Bash tool is explicitly permitted in the allowed-tools section. This configuration encourages the agent to execute commands with elevated privileges on the host system to fulfill the skill's primary purpose of setting up dependencies.
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted data in the form of Odoo XML and HTML templates (via Read, Glob, and Grep tools). This creates a surface for indirect prompt injection where malicious instructions embedded in a processed template could potentially influence the agent's behavior, especially given its capabilities for file modification and command execution.
      • Ingestion points: Processes mail.template and ir.actions.report records and XML files from the Odoo codebase.
      • Boundary markers: The skill includes a "SECURITY VALIDATION" checklist instructing the agent to look for unsafe eval() or exec() calls within the templates, which serves as a security-oriented boundary check.
      • Capability inventory: Access to Bash, Write, Edit, Glob, Grep, and WebFetch tools.
      • Sanitization: The skill does not explicitly detail how the agent should sanitize the ingested content before processing, although it advises checking for unsafe patterns in the data itself.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 24, 2026, 07:24 PM