The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to run the schema0 CLI for tasks such as building applications, managing database migrations, and handling deployments.
[CREDENTIALS_UNSAFE]: The instructions guide the agent to handle and set sensitive credentials, such as database URLs and API keys, using the schema0 secrets set command. This includes importing secrets from local .env files.
[DATA_EXFILTRATION]: The schema0 sync command is documented to transfer local repository data, including branches and history, to the Schema0 platform. Similarly, secrets are uploaded to the Schema0 backend. These operations are consistent with the skill's stated purpose of managing a remote deployment environment.
[PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted data from the local environment (e.g., SQL migration statements in version.md and secret values in secrets.md) and interpolates them into CLI commands.
Ingestion points: CLI arguments such as --statements for migrations and KEY=VALUE pairs for secrets, as well as the contents of .env files.
Boundary markers: The documentation recommends using single quotes for key-value pairs to prevent shell expansion.
Capability inventory: The skill uses the Bash tool to execute commands that can modify remote databases and application configurations.
Sanitization: Basic parsing for .env files is mentioned, but the skill relies on the agent to correctly format shell arguments.

schema0-cli