docker-to-sealos
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external binaries like crane and kompose to resolve container image metadata and transform orchestration files. These operations are performed using Python's subprocess.run with list-based arguments, effectively preventing shell injection vulnerabilities. The execution is limited to specific, well-known development tools necessary for the skill's primary function.
- [PROMPT_INJECTION]: The instructions provided in SKILL.md and reference files are strictly focused on technical conversion logic and governance. There are no attempts to override model safety filters, act in unrestricted modes (DAN), or ignore previous instructions.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It relies on standard Python packages and pre-installed system binaries. Dynamic execution patterns such as eval() or exec() on untrusted input are absent from the codebase.
- [DATA_EXFILTRATION]: While the skill processes database and storage configuration, it promotes secure practices by mapping sensitive credentials to Kubernetes secretKeyRef entries. Network activity is limited to standard container registry interactions (via crane) for image tag resolution, which is a core feature of the tool.
- [NO_CODE]: Although the skill contains significant Python code, it is utilized for deterministic file transformation and validation purposes (consistency checking and template generation) rather than as a primary autonomous execution path for the agent.
Audit Metadata