oms-cocoindex

Warn

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: MEDIUM
Risk Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [REMOTE_CODE_EXECUTION]: The framework utilizes pickle for serializing and deserializing component state stored in a local LMDB database, as seen in the documentation for unpickle_safe and serialize_by_pickle. Unsafe deserialization of a manipulated local database file could lead to arbitrary code execution. Additionally, the SentenceTransformerEmbedder includes a trust_remote_code parameter which, if enabled, allows the execution of untrusted Python code embedded within model files from remote repositories.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates downloading AI models from well-known services like Hugging Face and interacts with various cloud LLM providers (OpenAI, Azure, Vertex AI) through the litellm library. It also requires the installation of the cocoindex package via pip.
  • [COMMAND_EXECUTION]: The cocoindex CLI allows for the execution of logic defined in arbitrary Python application files using subcommands like update and drop. This involves loading and running code from user-specified file paths.
  • [PROMPT_INJECTION]: The framework presents a surface for indirect prompt injection. It ingests data from untrusted external sources—including local files, Kafka topics, S3 buckets, and Google Drive—and processes this content via LLMs for extraction or embedding without explicit evidence of sanitization or boundary markers.
  • [DATA_EXFILTRATION]: Through its connector architecture, the skill facilitates reading data from sensitive local sources and transmitting it to external targets such as Amazon S3, Qdrant, or Postgres databases.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 30, 2026, 08:00 AM