skills/mukul975/anthropic-cybersecurity-skills/configuring-certificate-authority-with-openssl/Gen Agent Trust Hub
configuring-certificate-authority-with-openssl
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill correctly implements Certificate Authority (CA) management logic using the well-known and trusted 'cryptography' library, following best practices like using RSA 4096-bit keys and SHA-256/384 for signatures.
- [DATA_EXFILTRATION]: The implementation involves generating and storing sensitive private keys on the local filesystem (e.g., in the './pki' directory). This is a functional requirement for managing a Certificate Authority, and no patterns for external transmission of these keys or other data were identified.
- [PROMPT_INJECTION]: The auditing feature in 'scripts/agent.py' reads external X.509 certificates for analysis. This creates a surface for indirect prompt injection where certificate attributes (like the Common Name or Subject Alternative Names) could contain instructions intended to influence the AI agent processing the output.
  - Ingestion points: The 'cert_path' parameter in 'scripts/agent.py', which is used to read PEM-encoded certificate files from disk.
  - Boundary markers: None present; the script outputs parsed data directly without delimiters or sanitization for LLM contexts.
  - Capability inventory: File system access (reading and writing files) and cryptographic signing operations across the 'agent.py' and 'process.py' scripts.
  - Sanitization: Certificates are parsed using the 'cryptography' library, which validates the structure and ensures the data conforms to X.509 standards.