The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @cipherstash/stack and drizzle-orm packages from the npm registry, which are expected and legitimate dependencies for the described functionality.
[COMMAND_EXECUTION]: The documentation includes steps to run npx generate-eql-migration and npx drizzle-kit migrate to handle database schema initialization and migrations.
[SAFE]: The code examples demonstrate the secure practice of using environment variables (process.env.DATABASE_URL) for database connection strings rather than hardcoding credentials.
[PROMPT_INJECTION]: The Express API example contains a vulnerability surface for indirect prompt injection. 1. Ingestion points: Untrusted data enters via req.body and req.query (email, minAge, and role parameters) in the sample API implementation. 2. Boundary markers: The example does not implement specific delimiters or instructions to ignore embedded commands within the ingested data. 3. Capability inventory: The application has the capability to perform database operations including inserts and selects using the db.insert and db.select methods. 4. Sanitization: The implementation relies on Drizzle ORM's internal parameterization and CipherStash's encryption operators to manage and sanitize data before it reaches the database.

stash-drizzle