perses-variable-manage
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No patterns of prompt injection, safety filter bypasses, or instructions to ignore previous constraints were identified. The skill follows standard instructional logic for configuring Perses.
- [DATA_EXFILTRATION]: No evidence of sensitive data harvesting or unauthorized exfiltration was found. The skill suggests using curl for debugging Prometheus labels, which is a standard verification step in this domain and does not involve sensitive file access.
- [OBFUSCATION]: No obfuscated strings, multi-layer Base64 encoding, or hidden Unicode characters were detected in the skill instructions or examples.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or piped shell executions from unknown sources were identified. The skill utilizes local CLI tools (percli) and pre-defined MCP tools for management tasks.
- [PRIVILEGE_ESCALATION]: No use of sudo, chmod 777, or other privilege escalation techniques was found. The skill operates within the scope of dashboard configuration management.
- [PERSISTENCE_MECHANISMS]: No attempts to establish persistence via shell profiles, cron jobs, or startup services were detected.
- [METADATA_POISONING]: Metadata fields (name, description, author) are consistent with the skill's stated purpose and contain no malicious instructions.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied data for variable configuration. While it does not explicitly define sanitization logic, the use of structured YAML templates and specific MCP tool schemas effectively limits the attack surface for instruction injection.
- [DYNAMIC_EXECUTION]: The skill generates YAML configuration blocks that are applied via the percli CLI. This is a standard and expected pattern for configuration management tools and does not constitute unsafe dynamic code generation.
- [DYNAMIC_CONTEXT_INJECTION]: No use of the exclamation-backtick syntax for silent shell execution at load time was found.
Audit Metadata