database-skill

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements strict guidelines for credential management, explicitly forbidding the use of shell commands to read or write sensitive .env files and providing dedicated, controlled functions (check_env, update_env) for configuration.
  • [COMMAND_EXECUTION]: The skill uses Python scripts to interact with database APIs and perform local data analysis. These operations are within the scope of its documented purpose as a database toolbox.
  • [DYNAMIC_EXECUTION]: The MultiSourceAnalyzer component utilizes duckdb and pandas to execute SQL queries locally against data extracted from various sources. This is a standard and safe implementation for cross-source data analysis within a restricted environment.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes standard, well-known Python libraries such as pandas, duckdb, and playwright. The use of playwright is specifically for generating analysis reports and screenshots, which is a common requirement for data visualization tasks.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from external databases and files (CSV, Excel, Parquet). While this constitutes an attack surface for indirect prompt injection if the data contains malicious instructions, the skill uses structured analysis workflows and templates to mitigate the risk of accidental instruction following.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 02:28 PM