https

Warn

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The reference documentation contains shell commands utilizing "sudo" to perform administrative operations, such as installing packages via "apt" or "yum" and managing certificates with "certbot".
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to perform server-level modifications, including configuring Nginx or Apache server blocks to implement 301 redirects and certificate paths.
  • [EXTERNAL_DOWNLOADS]: The skill workflow involves downloading and installing software from official Linux distribution repositories and provisioning certificates from Let's Encrypt.
  • [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection because it is designed to ingest and analyze data from external websites, and that content may contain instructions crafted to influence agent behavior.
  • Ingestion points: Target website headers, forms, and page content (SKILL.md).
  • Boundary markers: None are specified to separate untrusted website content from the agent's instructions.
  • Capability inventory: The agent can execute shell commands for system configuration and software management (references/rule.md).
  • Sanitization: No explicit sanitization or validation of data retrieved from external URLs is defined.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 20, 2026, 02:45 AM