The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes the command path provided by the $FORTIMANAGER_MCP_CMD environment variable using python3. This dynamic execution allows for running arbitrary scripts or binaries present on the system if environment variables are manipulated.
[EXTERNAL_DOWNLOADS]: The skill points to an external GitHub repository (jmpijll/fortimanager-mcp) as the source for its MCP server. This source is not verified or part of the trusted vendors list, presenting a supply chain risk where unvetted code could be executed.
[PROMPT_INJECTION]: The skill ingests untrusted configuration data (e.g., firewall policy names, object descriptions) from the FortiManager API. It lacks boundary markers to isolate this data and has the capability to perform sensitive operations like writing or installing policies. This setup is vulnerable to indirect prompt injection, where malicious data could influence the agent's reasoning or actions during security audits.

fortimanager-ops