byted-bytehouse-hybrid-search

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Potential SQL injection surface in scripts/hybrid_search_client.py due to the dynamic construction of SQL queries.
  • Ingestion points: Arguments like table_name and top_k in methods such as create_hybrid_table, insert_document, fulltext_search, and vector_search are directly interpolated into SQL strings using Python f-strings.
  • Boundary markers: Absent. The code does not use backticks or other escaping mechanisms for table identifiers or numeric limits.
  • Capability inventory: The skill uses clickhouse_connect to perform operations on the database, including creating tables and executing search queries.
  • Sanitization: No validation or sanitization is performed on identifiers before they are incorporated into the SQL commands. While typical for specialized database tools, this pattern allows for query manipulation if the agent sources these specific parameters from unvalidated user input.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 07:25 AM