The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform environment setup and orchestration management, such as installing dependencies via pip install, initializing databases with airflow db init, and launching servers like prefect server start in SKILL.md and EXAMPLES.md.\n- [EXTERNAL_DOWNLOADS]: The skill specifies the installation of well-known machine learning and orchestration packages including prefect, apache-airflow, mlflow, and scikit-learn from standard public registries as seen in SKILL.md and EXAMPLES.md.\n- [REMOTE_CODE_EXECUTION]: Code snippets in EXAMPLES.md (Code Block 5) employ joblib.load() to deserialize models. While this is standard practice in ML, it represents a risk of arbitrary code execution if an attacker provides a malicious model file to be loaded by the agent.\n- [DATA_EXFILTRATION]: The skill configures integrations with external platforms such as Slack for alerting and MLflow for experiment tracking in EXAMPLES.md (Code Blocks 8 and 9), which involves transmitting metadata about the pipeline execution to remote servers.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted data files.\n
Ingestion points: Data is read from external CSV files (e.g., data/raw/customers.csv) using pandas and dvc.api.open in both SKILL.md and EXAMPLES.md.\n
Boundary markers: No specific boundary markers or instructions to ignore embedded commands are used during data ingestion.\n
Capability inventory: The skill allows access to high-impact tools including Bash, Write, Edit, and Read as defined in SKILL.md. Capability includes network operations via mlflow and file-write via pandas.to_csv and joblib.dump in EXAMPLES.md.\n
Sanitization: There is no evidence of sanitization or validation of the CSV content prior to its use in the pipeline stages.

orchestrate-ml-pipeline