brain-scan

Warn

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to scan sensitive configuration files, specifically Web.config and appsettings.json, to extract database connection strings which often contain plaintext credentials.
  • [COMMAND_EXECUTION]: The agent is directed to use shell commands such as git log, git diff, and git ls-files for change detection, and bash to append activity logs to a JSON file at the project root.
  • [DATA_EXFILTRATION]: The skill extracts architectural metadata, entity models, and security matrices from the codebase to be stored in an external graph database via the mcp__graph-brain toolset.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
      1. Ingestion points: Files processed in Phases 3, 4, and 8 (Source code, Documents like .md, .docx, .pdf, and Config files).
      2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are specified.
      3. Capability inventory: The agent can modify data using mcp__graph-brain__* tools and perform file system writes via bash for logging.
      4. Sanitization: Absent; no validation or filtering is specified for content extracted from scanned files.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 7, 2026, 06:37 PM