The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/filename_fast_path.py performs shell command execution using subprocess.run to call the retriever utility. The implementation is secure as it uses argument lists and avoids the shell=True parameter, which prevents shell injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: The skill's installation process in references/install.md fetches the NeMo Retriever library from NVIDIA's official GitHub repository. This is a standard and expected operation from a well-known technology provider.
[PROMPT_INJECTION]: The skill handles untrusted data from user-provided document collections, which is a known surface for indirect prompt injection. This behavior is associated with the primary intended purpose of the RAG (Retrieval-Augmented Generation) skill.
Ingestion points: Documents are ingested via the retriever ingest command and processed for text extraction in scripts/filename_fast_path.py.
Boundary markers: There are no explicit markers defined in the script logic to distinguish retrieved text from system instructions.
Capability inventory: The skill possesses capabilities for command execution and file system access as part of its core indexing and retrieval functionality.
Sanitization: Standard document parsing is performed; however, the skill does not implement specific sanitization routines to identify or neutralize potential prompt injection attacks embedded in processed documents.

nemo-retriever