pgvector-similarity-search

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides SQL snippets and TypeScript code to execute database queries. It correctly uses parameterized inputs ($1, $2) and the pg driver's parameter binding, which prevents SQL injection attacks.
  • [EXTERNAL_DOWNLOADS]: References standard Node.js libraries 'pg' and 'pgsql-test'. These are well-known, industry-standard packages for PostgreSQL interaction and testing.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests user-provided search strings in the findSimilar and getContext methods.
    • Ingestion points: The query parameter in the TypeScript methods.
    • Boundary markers: None explicitly used in the prompt interpolation, but the search process converts the text to a vector embedding first.
    • Capability inventory: Database read access via this.pool.query.
    • Sanitization: Employs strong sanitization by using parameterized queries ($1::vector), which treat the user input as data rather than executable code.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 05:32 AM