workflow-env
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to source a local shell script ("env.sh") into the current shell environment before executing build, test, or deployment commands. Sourcing a file executes all commands within it in the current process context.
- [COMMAND_EXECUTION]: The skill implements a security protocol that requires inspecting the file for a blocklist of dangerous commands (such as "curl", "eval", "sudo", or "rm") and ensuring it only contains "export" statements. However, manual or automated string-based validation of shell scripts is often bypassable via alternative shell syntax, obfuscation, or redirection techniques that the provided list may not cover.
- [COMMAND_EXECUTION]: The skill is designed to work with sensitive infrastructure and package management tools like "docker", "terraform", "kubectl", and "npm", meaning any successful bypass of the validation rules could lead to unauthorized system modifications or credential theft during the build/deploy process.
Audit Metadata