runbook-generator

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/staleness_checker.py utilizes subprocess.run to call the git binary for checking file modification history. This is a routine operation for staleness detection and uses the secure list-based argument format to mitigate shell injection risks.
  • [DATA_EXFILTRATION]: The skill templates include curl commands for monitoring application health endpoints. These operations are restricted to status verification and do not exfiltrate sensitive repository or system information.
  • [PROMPT_INJECTION]: An indirect prompt injection surface (Category 8) was identified in the scripts/runbook_scaffolder.py script.
      1. Ingestion points: The script ingests service definitions from JSON files provided via the --input argument.
      2. Boundary markers: No delimiters or boundary instructions are implemented to separate data from the generated command templates.
      3. Capability inventory: The tool is designed to generate shell commands for deployment, database maintenance, and scaling operations.
      4. Sanitization: The script performs no sanitization or validation of JSON fields before interpolating them into executable command strings.
    This is a low-risk surface given the tool's primary purpose of generating documentation for review.
  • [REMOTE_CODE_EXECUTION]: Automated alerts regarding remote code execution via curl were verified as false positives. The identified command curl -sw "%{http_code}" https://$APP_HOST/api/health -o /dev/null is a standard connectivity check that discards the response payload, preventing any potential for code execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 01:09 AM