The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides instructions for running a marimo notebook server. Notebook environments are designed to execute arbitrary Python code, and the instructions specifically show how to run the editor and runner locally.
[DATA_EXFILTRATION]: The skill recommends using the flags --host 0.0.0.0 and --no-token when starting the notebook server. Binding to 0.0.0.0 makes the service accessible to any device on the local network, and disabling the token removes authentication. This configuration allows any user on the same network to access the notebook, which can lead to unauthorized access to the host file system and code execution capabilities. While the skill documentation includes a warning about the risks on untrusted networks, the provided commands prioritize convenience over security.
[EXTERNAL_DOWNLOADS]: The skill uses the uv tool in sandbox mode to manage dependencies. This involves automatically downloading and installing Python packages defined in the inline script metadata, such as marimo, polars, jupyter-scatter, and pandas.

marimo-notebook