The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses curl through the Bash tool to interact with the LiteLLM proxy's management endpoints, specifically for listing and deleting users. This is the primary function of the skill and is explicitly scoped in the tool permissions.\n- [DATA_EXFILTRATION]: The skill manages a sensitive administrative token (LITELLM_API_KEY) and transmits it to a user-provided base URL. These actions are required for the administrative functionality and do not involve unauthorized data transmission to third parties.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion point: Untrusted metadata (user emails, aliases) is retrieved from the proxy via the GET /user/list endpoint and ingested into the agent's context. Boundary markers: The instructions do not define delimiters to separate the API response data from other context or instructions. Capability inventory: The agent has the capability to perform destructive actions via POST /user/delete based on the ingested data. Sanitization: The skill does not describe any sanitization or validation of the API response before it is processed by the agent. This surface is partially mitigated by the instruction to require manual user confirmation before deletion.

delete-user