carto-explore-datawarehouse

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns such as direct prompt injection, credential theft, or unauthorized network operations were detected. The skill is consistent with its stated purpose of data warehouse exploration for the CARTO platform.
  • [COMMAND_EXECUTION]: The skill uses the official carto CLI tool to perform discovery tasks. Commands include carto connections browse, carto connections describe, carto named-sources list, and carto named-sources get. These are legitimate management commands used within the expected vendor context.
  • [PROMPT_INJECTION]: The skill processes external metadata from a connected data warehouse, creating a surface for indirect prompt injection.
      • Ingestion points: Metadata such as table names, column types, and SQL definitions are retrieved via CLI commands in SKILL.md and references/connection-browse.md.
      • Boundary markers: No specific delimiting instructions or "ignore embedded instructions" warnings are provided for the agent when handling this metadata.
      • Capability inventory: The agent has the capability to execute shell-based CLI commands (carto) to interact with the database.
      • Sanitization: The skill does not specify any sanitization steps for the data retrieved from the warehouse.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 10:03 PM
Security Audit — agent-trust-hub — carto-explore-datawarehouse