sqlspec

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill documents the SQLSpec library, which is designed to provide type-safe database interactions across multiple adapters. No malicious patterns were identified in the provided documentation or code snippets.
  • [PROMPT_INJECTION]: No prompt injection or behavior override instructions were detected in the skill's instructions or metadata.
  • [DATA_EXFILTRATION]: The skill uses parameterized queries by default and provides clear guidelines against SQL string concatenation. Connection strings in documentation (e.g., postgresql://user:pass@localhost:5432/mydb) are clearly labeled as examples and placeholders. Sensitive information like API keys for Vertex AI is handled through environment variables (os.getenv), which is a security best practice.
  • [EXTERNAL_DOWNLOADS]: The skill mentions dependencies on well-known and trusted packages such as sqlglot, pyarrow, google-cloud-bigquery, and various database drivers. It also references official documentation and repositories for these services, which are considered safe sources.
  • [DYNAMIC_EXECUTION]: While the skill mentions loading SQL from external files and supports Python-based migrations, these are standard features for database management tools. The documentation includes security patterns, such as using sqlglot for AST validation to sanitize user-supplied identifiers before use in queries.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 08:33 AM
Security Audit — agent-trust-hub — sqlspec