agent-auth-cli

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external Agent Auth providers, such as discovery documents and capability schemas, which can lead to indirect prompt injection.
      1. Ingestion points: External provider configurations fetched via auth-agent discover and JSON schemas retrieved via auth-agent describe.
      2. Boundary markers: The instructions lack explicit delimiters or instructions for the agent to ignore potentially malicious content within these schemas.
      3. Capability inventory: The auth-agent execute command allows the agent to perform actions based on the schemas provided by the external source.
      4. Sanitization: No mechanisms are specified to sanitize or validate the external provider data before it is used to construct CLI commands.
  • [COMMAND_EXECUTION]: All primary functions of the skill are performed through the auth-agent CLI, which handles connection lifecycles and manages local storage for keys and configuration in the ~/.agent-auth/ directory.
  • [EXTERNAL_DOWNLOADS]: The skill directs the agent to use the @auth/agent-cli Node.js package for its core functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 03:25 AM