The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The Python implementation uses joblib.load() to deserialize models and scalers from disk. Deserializing data using joblib or pickle is inherently unsafe as it can lead to arbitrary code execution if the loaded file is from an untrusted source.
[CREDENTIALS_UNSAFE]: The provided docker-compose.yml template contains a hardcoded administrative password (GF_SECURITY_ADMIN_PASSWORD=admin) for the Grafana monitoring service. While intended as a placeholder, using default credentials in production-oriented templates is a security risk.
[PROMPT_INJECTION]: The FastAPI application exposes an attack surface for indirect prompt injection via the /predict and /predict-batch endpoints. Ingestion points: Untrusted JSON data enters the agent context through the features field in PredictionRequest. Boundary markers: No delimiters or instructions are provided to the model to ignore potential adversarial patterns in input data. Capability inventory: The skill performs model inference and logs results but does not contain file-write or network-send capabilities based on this specific input. Sanitization: Input is validated as a list of floating-point numbers via Pydantic, which provides a layer of protection against non-numeric injection payloads.

Model Deployment