The Agent Skills Directory

[SAFE]: The skill uses environment variables (${DB2i_USER}, ${DB2i_PASS}) for database authentication, avoiding hardcoded secrets in the configuration files.- [SAFE]: All tools are configured with readOnly: true, which restricts the agent to data retrieval and prevents unauthorized system modifications.- [SAFE]: The database configuration includes ignore-unauthorized: true, which disables SSL/TLS certificate verification. While common in internal environments with self-signed certificates, this avoids hardcoded trust anchors.- [PROMPT_INJECTION]: The skill handles user-provided input for SQL filters, creating an indirect injection surface. Ingestion points: Parameters like library_filter and object_name_filter in tools/backup-and-recovery.yaml. Boundary markers: Absent; the skill relies on internal tool parameter handling. Capability inventory: Execution of SQL queries against system catalogs. Sanitization: Uses named parameters (e.g., :library_filter) and the SQL UPPER() function to handle input safely.

backup-and-recovery