taruvi-backend-provisioning

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/check-versions.sh performs version checks by fetching package metadata from PyPI and NPM. Although this pipes network data into an interpreter, the script uses python3 -c to run a local parsing routine over the received JSON rather than executing the downloaded content. These are well-known services, and the operation is used for legitimate version synchronization.
  • [COMMAND_EXECUTION]: The skill exposes powerful backend management tools, including execute_raw_sql and manage_function. These tools are protected by internal security layers such as the SQLAnalyzer, and the skill instructions mandate a "Destructive-op protocol" (Plan-Validate-Execute) requiring explicit human confirmation for all high-risk changes.
  • [DATA_EXFILTRATION]: Backend secrets and credentials are managed through dedicated tools such as get_secret. The system is designed to return masked values for sensitive data via the MCP interface, so the agent can manage the resource state without having access to plaintext credentials.
  • [PROMPT_INJECTION]: The skill ingests complex structured data and code from the user to provision the backend. It mitigates indirect injection risks by requiring strict validation against Frictionless and JSON schemas and enforcing human-in-the-loop verification steps before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 12:15 AM