The Agent Skills Directory

[SAFE]: A thorough review of the skill configuration and instructions shows no evidence of malicious intent, unauthorized command execution, or sensitive data exposure.
[PROMPT_INJECTION]: The skill architecture includes a surface for indirect prompt injection via the ingestion of external monitoring data.
Ingestion points: Metric collection from external APIs (Prometheus, CloudWatch, StatsD) is central to the skill's function as noted in SKILL.md.
Boundary markers: The instructions do not define specific delimiters or guidelines to handle potential instructions embedded within external data.
Capability inventory: Access is restricted to Read, Write, and Bash commands with allowed prefixes (prometheus:, metrics:, monitoring:).
Sanitization: The scripts/README.md file references metrics_validation.py for ensuring data quality, which provides a layer of protection against malformed input.

aggregating-performance-metrics