mlflow-tracking

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The assets/docker-compose-stack/.env.example and docker-compose.yaml files contain default passwords (mlflow for PostgreSQL and minioadmin for MinIO). However, the skill provides a scripts/start-mlflow-server.sh script that rotates these secrets during initialization, replacing the defaults with random 24-character hex strings generated from openssl or /dev/urandom.
  • [PROMPT_INJECTION]: The skill establishes a surface for indirect prompt injection by collecting and processing LLM traces.
    1. Ingestion points: Data enters the agent's environment from external LLM providers via the tracking server.
    2. Boundary markers: No explicit delimiters or markers are used to isolate logged data from instructions.
    3. Capability inventory: The scripts/tail-runs.sh utility allows the agent to read and process these logged runs and traces.
    4. Sanitization: While the documentation identifies risks such as PII in traces, no automated sanitization or filtering is implemented in the provided scripts.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the official MLflow container image from ghcr.io and utilizes standard Python packages from PyPI (psycopg2-binary, boto3, mlflow, pandas). It also references mlflow-widgets, a package authored by the skill's vendor. All resources are sourced from well-known repositories or the verified vendor infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 04:34 AM