pp-trigger-dev

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the trigger-dev-pp-cli tool from the author's GitHub repository (github.com/mvanhorn/printing-press-library) using go install and from the @mvanhorn/printing-press NPM package via npx. These are documented as vendor resources.
  • [DATA_EXFILTRATION]: Includes a --deliver webhook:<url> feature that POSTs command results to a user-specified URL, which could be used to transmit sensitive run data, deployment information, or masked environment variable metadata.
  • [COMMAND_EXECUTION]: Executes the trigger-dev-pp-cli binary to perform management tasks against the Trigger.dev API.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection due to the ingestion of untrusted data from the Trigger.dev API (e.g., run payloads, error messages, and task metadata) via commands like runs find and runs retrieve-v1.
      • Ingestion points: External data from runs and tasks is fetched and processed in the SKILL.md workflows.
      • Boundary markers: There are no explicit instructions or delimiters to isolate untrusted data from the agent's control logic.
      • Capability inventory: The CLI can delete schedules (schedules delete-v1), update waitpoints (waitpoints complete-token-v1), and compare environment variables (envvars diff).
      • Sanitization: No sanitization or validation of external run content is described.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 03:30 AM