rest-graphql-debug

Fail

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: HIGH (flags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the terminal tool to perform network diagnostics and API requests via curl, nslookup, and openssl. It also provides instructions for running pytest to execute regression tests from the local file system.
  • [REMOTE_CODE_EXECUTION]: An automated scan flagged a potential piped execution pattern: curl -s https://api.example.com/users | python3. Manual inspection reveals that this command uses python3 -m json.tool, which is a standard library module used for formatting JSON data and does not execute the input as code. However, the use of pipes from network sources to interpreters remains a pattern that requires user awareness.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests and processes data from external APIs and third-party documentation via web_extract and curl. If an attacker-controlled API returns malicious instructions in error messages or data fields, it could attempt to influence the agent's subsequent logic. The skill lacks explicit boundary markers or sanitization for these external inputs.
  • [DATA_EXFILTRATION]: The skill demonstrates safe handling of sensitive data. It explicitly instructs the user to store tokens in environment variables (os.environ) or local .env files rather than hardcoding them. It also provides a utility function (redact_auth) to strip sensitive headers like Authorization and Cookie from logs.
Recommendations
  • HIGH: Downloads and executes remote code from: https://api.example.com/users - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: May 17, 2026, 10:13 PM
Security Audit — agent-trust-hub — rest-graphql-debug