vector-db-ingest

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute local Python scripts (ingest.py, query.py, init.py) and manage a local ChromaDB server instance on 127.0.0.1. These operations are transparently documented and align with the skill's stated purpose of managing a vector index.
  • [EXTERNAL_DOWNLOADS]: The skill's installation instructions include pip install commands. These commands target a local requirements file (./requirements.txt), which references a project-level configuration. No downloads from unknown or untrusted third-party repositories or URLs were identified.
  • [PROMPT_INJECTION]: The skill indexes repository files into a vector store, which constitutes a surface for indirect prompt injection.
      ◦ Ingestion points: Files from the local repository are read and processed by ingest.py (documented in SKILL.md).
      ◦ Boundary markers: The provided instructions do not specify the use of delimiters or 'ignore' instructions to prevent the agent from obeying commands embedded within the indexed data.
      ◦ Capability inventory: The skill has access to Bash, Read, and Write tools, and executes multiple Python scripts to manage data.
      ◦ Sanitization: There is no mention of sanitization or filtering of the content being ingested. While this represents a vulnerability surface, it is a standard characteristic of RAG (Retrieval-Augmented Generation) systems and is considered low risk in this context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 04:38 PM
Security Audit — agent-trust-hub — vector-db-ingest