checking-freshness

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted or system-generated data.
      • Ingestion points: Processes results from INFORMATION_SCHEMA.COLUMNS (database metadata) and af dags list (Airflow CLI output).
      • Boundary markers: Absent. The skill does not define specific delimiters or instructions to treat database/CLI output as potentially adversarial data.
      • Capability inventory: The skill can execute arbitrary SQL queries and local CLI commands (af).
      • Sanitization: Absent. The instructions suggest dynamic interpolation of discovered column names and DAG IDs directly into executable templates without escaping or validation.
  • Command Execution (SAFE): The use of the af (Airflow) CLI tool for status checks is consistent with the primary purpose of the skill and does not involve elevated privileges or remote script downloading.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:48 PM