performing-second-order-sql-injection

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION · DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the automated analysis of potentially attacker-controlled files.
    • Ingestion points: The scripts/agent.py script reads database dumps (JSON) and source code directories provided via command-line arguments.
    • Boundary markers: The script does not utilize boundary markers or delimiters when processing or reporting findings from external data.
    • Capability inventory: The skill possesses file system read and write capabilities (Path.read_text, Path.write_text) as implemented in scripts/agent.py.
    • Sanitization: No sanitization or validation is performed on the data extracted from the analyzed files before it is included in the JSON output report.
  • [PROMPT_INJECTION]: There is a metadata discrepancy regarding the author's name, which is listed as 'mahipal' in the SKILL.md YAML frontmatter but appears as 'mukul975' in the LICENSE file and system context.
  • [COMMAND_EXECUTION]: The documentation provides multiple examples of using curl and sqlmap to interact with target web applications for testing and exploitation purposes.
  • [DATA_EXFILTRATION]: The skill describes techniques for out-of-band data exfiltration using DNS queries (e.g., via xp_dirtree) to external domains as part of its exploitation examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 12:59 PM