ascendc-mssanitizer

Warn

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/run_mssanitizer_geir.sh script dynamically generates a CMakeLists.txt file and invokes cmake and make at runtime to compile C++ source files (test_geir_*.cpp or test_aclnn_*.cpp) found in the operator's project directory. Whatever those files contain is compiled as-is, so the contents of the project directory decide what gets built.
  • [REMOTE_CODE_EXECUTION]: The scripts/gen_test_script.py script generates a Python test file by directly interpolating the user-controlled --operator and --fallback arguments into executable Python logic via string formatting, without quoting or validating them. A crafted operator name that breaks out of the intended expression and appends its own statements would therefore execute arbitrary code when the agent runs the generated test script.
  • [COMMAND_EXECUTION]: The execution scripts run_mssanitizer.sh and run_mssanitizer_geir.sh use shell execution to run the mssanitizer tool and the generated scripts. These scripts also modify environment variables such as LD_LIBRARY_PATH and ASCEND_HOME_PATH based on user-provided or environment paths; LD_LIBRARY_PATH in particular controls which shared libraries the invoked tools load, so whoever controls that path controls code that runs in their process.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from local project files and log files through the scripts/parse_mssanitizer_log.py tool. Although the tool is intended for error analysis, this is a surface for processing attacker-controlled content: log text that reads as instructions could steer the agent's generated report.
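The REMOTE_CODE_EXECUTION finding above is the classic code-generation injection. The following is an added illustration written for this page, not code from the ascendc-mssanitizer skill: the template, the `ops.<name>` module layout and the function names are assumptions, chosen only to show how an unvalidated `--operator` value escapes a string literal in the generated script, and how an allowlist plus `repr()` closes the hole. The injected script is only parsed with `ast`, never executed.

```python
"""Added example (not the skill's own gen_test_script.py): code injection
through string-formatted script generation, and a hardened generator.
All names, templates and module paths here are hypothetical."""
import ast
import re

# Constructed attacker input: closes the "..." literal around OPERATOR,
# appends a statement of its own, then reopens a literal so the file still parses.
MALICIOUS_OPERATOR = 'add"\nimport os; os.system("echo pwned")\nX = "'


def gen_test_script_unsafe(operator: str, fallback: bool) -> str:
    """Vulnerable stand-in: the operator name is dropped straight into source."""
    return (
        "import importlib\n"
        f'OPERATOR = "{operator}"\n'
        f"FALLBACK = {fallback}\n"
        "def run():\n"
        "    mod = importlib.import_module('ops.' + OPERATOR)\n"
        "    return mod.test(fallback=FALLBACK)\n"
    )


# Operator names are Python identifiers in this hypothetical layout, so an
# allowlist regex is the primary control; length-capped to keep it boring.
_SAFE_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,63}")


def is_safe_operator(operator: str) -> bool:
    return _SAFE_NAME.fullmatch(operator) is not None


def gen_test_script_safe(operator: str, fallback: bool) -> str:
    """Hardened stand-in: reject anything outside the allowlist, and embed
    the survivors with repr() so they are always a quoted, escaped literal.
    bool() pins --fallback to True/False instead of interpolating raw text."""
    if not is_safe_operator(operator):
        raise ValueError(f"rejected operator name: {operator!r}")
    return (
        "import importlib\n"
        f"OPERATOR = {operator!r}\n"
        f"FALLBACK = {bool(fallback)!r}\n"
        "def run():\n"
        "    mod = importlib.import_module('ops.' + OPERATOR)\n"
        "    return mod.test(fallback=FALLBACK)\n"
    )


def top_level_statements(script: str) -> int:
    """Number of module-level statements in the generated file (parse only)."""
    return len(ast.parse(script).body)


def imports_in(script: str) -> list[str]:
    """Sorted module names imported anywhere in the generated file (parse only)."""
    names = set()
    for node in ast.walk(ast.parse(script)):
        if isinstance(node, ast.Import):
            names.update(alias.name for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            names.add(node.module)
    return sorted(names)


if __name__ == "__main__":
    for name in ("add", MALICIOUS_OPERATOR):
        script = gen_test_script_unsafe(name, False)
        print(f"unsafe, operator={name!r}: {top_level_statements(script)} statements, "
              f"imports={imports_in(script)}")
        try:
            gen_test_script_safe(name, False)
            print("safe generator: accepted")
        except ValueError as exc:
            print("safe generator:", exc)
```

With the benign name both generators emit a four-statement file importing only `importlib`; with the constructed name the unsafe generator emits seven statements including `import os` and an `os.system` call, while the safe generator refuses the name before any file is written. The allowlist is the real fix; `repr()` is defence in depth for the case where the name must be embedded anyway.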
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 21, 2026, 07:06 AM