The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides an interface to execute ClickHouse SQL queries in-process via the chdb library. This is a standard analytical capability for querying datasets in Python environments.
[EXTERNAL_DOWNLOADS]: The SQL engine supports reading data from remote locations using table functions such as url(), s3(), gcs(), and azureBlobStorage(). These are documented features for analyzing data hosted on cloud providers or web servers.
[DATA_EXFILTRATION]: The skill documents connectors for external databases including MySQL, PostgreSQL, MongoDB, and remote ClickHouse instances. This enables cross-database joins and data transfer as part of normal analytical workflows.
[REMOTE_CODE_EXECUTION]: The chdb library supports Python User-Defined Functions (UDFs) and AI-assisted SQL generation (chdb.generate_sql). These features involve executing Python logic or dynamically generated SQL, which are functional extensions of the engine.
[PROMPT_INJECTION]: The skill processes external data (CSV, Parquet, JSON, etc.) which constitutes a potential injection surface for untrusted data.
Ingestion points: file(), s3(), url(), and various database connectors defined in references/table-functions.md.
Boundary markers: None specified for the SQL execution environment.
Capability inventory: File system access (via Session and file()) and network operations (via cloud and DB functions).
Sanitization: The documentation explicitly encourages the use of parametrized queries (via the params argument) to prevent SQL injection attacks.

chdb-sql