The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides numerous pre-defined diagnostic commands intended for execution via shell tools.
Evidence: The references/topology-patterns.md file contains bash and SQL commands for inspecting databases (PostgreSQL, MySQL, Redis), Kubernetes pods, and network endpoints.
Evidence: SKILL.md defines Bash and Run as allowed tools for the agent.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of external telemetry and log data.
Ingestion points: The skill is triggered by and processes "stack traces, error logs, or describes unexpected system behavior" provided by developers or system outputs (SKILL.md).
Boundary markers: The instructions do not define clear delimiters or include warnings to ignore instructions embedded within the logs being analyzed.
Capability inventory: The agent has high-privilege tool access including Bash, Run, and Grep which could be targeted by an injection (SKILL.md).
Sanitization: There is no mention of sanitizing or validating the input data before processing (SKILL.md).

incident-analyzing