performing-authenticated-scan-with-openvas

Fail

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the user or agent to execute commands with elevated privileges using sudo for package management and service control, including apt install, gvm-setup, and gvm-start.
  • [DATA_EXFILTRATION]: The configuration instructions in SKILL.md include a command that reads a sensitive private SSH key (cat /home/scan_user/.ssh/id_rsa) to create scan credentials. This access to sensitive filesystem paths constitutes a high-risk data exposure.
  • [EXTERNAL_DOWNLOADS]: The skill fetches a Docker Compose configuration file from Greenbone's official documentation repository at greenbone.github.io.
  • [PROMPT_INJECTION]: The Python scripts (agent.py and process.py) ingest and process vulnerability reports that may contain attacker-controlled content.
    • Ingestion points: scripts/agent.py parses XML reports via ET.parse(), and scripts/process.py retrieves reports through the Greenbone Management Protocol.
    • Boundary markers: No specific delimiters or instruction-blocking markers are used when interpolating report data into the output.
    • Capability inventory: The scripts have the ability to write data to local JSON and CSV files and output results to the console.
    • Sanitization: The implementation lacks sanitization or validation for data extracted from the reports before it is processed or displayed.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 21, 2026, 12:22 AM