The Agent Skills Directory

[PROMPT_INJECTION] (LOW): The skill ingests untrusted data from an OMERO server, including project names, image metadata, and annotations. This creates a surface for indirect prompt injection where malicious instructions stored in the database could influence the agent's behavior.
Ingestion points: conn.getObjects, conn.listProjects, and conn.getObject found in SKILL.md and references/connection.md.
Boundary markers: None identified in the provided reference materials.
Capability inventory: The skill allows network communication with OMERO servers, pixel data processing via NumPy, and administrative operations like user substitution (suConn).
Sanitization: No explicit sanitization or filtering of retrieved metadata is documented before the data is processed by the agent.
[CREDENTIALS_UNSAFE] (SAFE): The skill follows security best practices for credential management, explicitly documenting the use of environment variables and yaml.safe_load to prevent hardcoding or unsafe parsing of secrets.
[EXTERNAL_DOWNLOADS] (SAFE): Installation utilizes the legitimate omero-py package from standard Python repositories. Per [TRUST-SCOPE-RULE], these standard dependencies are considered safe.

omero-integration