worker-image-investigation

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses taskcluster and az (Azure) CLI tools to query CI state and manage debug virtual machines. The Python script investigate.py executes these commands safely using subprocess.run with list-based arguments, which mitigates shell injection risks.
  • [EXTERNAL_DOWNLOADS]: It fetches task metadata and SBOM (Software Bill of Materials) documentation from verified Mozilla domains, including firefox-ci-tc.services.mozilla.com and treeherder.mozilla.org. These downloads are necessary for comparing build environments.
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions for running PowerShell commands on Azure VMs using az vm run-command invoke. This is a legitimate administrative feature used for troubleshooting worker nodes in the user's controlled cloud environment.
  • [CREDENTIALS_UNSAFE]: The documentation includes a hardcoded password (Password1!), but it is explicitly for temporary, throwaway debug VMs and serves as an example for the agent, rather than being a leaked secret from the user.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 02:20 PM