byted-bytehouse-mcp

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the uvx tool to fetch and install the ByteHouse MCP server package from the vendor's official GitHub repository at github.com/volcengine/mcp-server. This is documented as the standard installation path for the service.
  • [REMOTE_CODE_EXECUTION]: Runtime execution of the downloaded MCP server implementation is facilitated by uvx and the mcp Python library to enable database interaction capabilities. This behavior is consistent with the skill's primary intended purpose.
  • [COMMAND_EXECUTION]: The provided shell scripts (start_mcp_service.sh, stop_mcp_service.sh, restart_mcp_service.sh) execute system-level commands, including kill, ps, and mkdir, to manage the background lifecycle of the MCP server process.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its database interaction tools.
    • Ingestion points: The query input of the run_select_query and run_dml_ddl_query tools, as well as the text content retrieved from the database and processed by scripts like test_mcp_server.py.
    • Boundary markers: Absent; there are no delimiters or instructional constraints provided to the agent to differentiate between trusted system instructions and potentially malicious data embedded within database query results.
    • Capability inventory: The skill possesses the capability to execute shell commands (via service management scripts), perform network operations to remote database hosts, and execute arbitrary SQL commands (including DDL/DML).
    • Sanitization: Absent; the skill code does not implement sanitization, parameterization, or validation for SQL queries before execution, nor does it sanitize data retrieved from the database before passing it back to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 02:58 PM