harvard-artifacts-collection-analytics-pipeline

Warn

Audited by Gen Agent Trust Hub on May 24, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to clone a repository from https://github.com/Manali0711/Harvard-Artifacts-Collection-Data-Engineering-Analytics-App.git. This source is a personal account and is not a verified organization or well-known service.
  • [COMMAND_EXECUTION]: Executes shell commands to set up the project environment, specifically git clone, pip install -r requirements.txt, and streamlit run app.py.
  • [PROMPT_INJECTION]: The skill ingests artifact metadata, media, and color data from the Harvard Art Museums API (api.harvardartmuseums.org), which is an untrusted external source. This creates a surface for indirect prompt injection if the ingested content is used to influence subsequent agent actions or logic.
    ◦ Ingestion points: Fetches data records in the fetch_artifacts_from_api function within SKILL.md.
    ◦ Boundary markers: No delimiters or instructions are used to distinguish the ingested API data from the agent's core instructions.
    ◦ Capability inventory: The skill has database write capabilities via mysql-connector-python and network access via requests.
    ◦ Sanitization: While the code uses SQL parameterization for data values, it does not validate or sanitize the textual content of the API response for potential malicious instructions before processing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 24, 2026, 06:49 AM
Security Audit — agent-trust-hub — harvard-artifacts-collection-analytics-pipeline