byo-proxy

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill facilitates the management of sensitive residential proxy credentials (username and password). These are stored in the workspace environment file at /data/workspace/.env and accessed by the exports.py library and various setup scripts. This behavior is consistent with the skill's primary purpose as a credential manager.
  • [DATA_EXFILTRATION]: The skill performs network operations to https://ifconfig.co/json via the test_proxy function in exports.py. This is used to verify proxy connectivity and geographical accuracy. The request includes authentication parameters (credentials) sent to the proxy provider's endpoint (geo.iproyal.com). This is standard functionality for a proxy verification tool.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external configurations (skill names, country codes, and session IDs) to determine proxy routing logic.
      • Ingestion points: Untrusted data enters the agent context through the skill_name, provider, and country arguments in get_proxy_for_skill and the management scripts like bind_skill.py and onboard.py.
      • Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the processed configuration data.
      • Capability inventory: The skill possesses the capability to read and write to sensitive files (/data/workspace/.env, /data/workspace/.byo-proxy.json) and perform network requests using the urllib module.
      • Sanitization: While the skill validates country codes against a whitelist of supported ISO-3166-1 alpha-2 codes, it does not sanitize or validate skill names, which are used as keys in the JSON configuration file.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 01:05 AM