answering-natural-language-questions-with-dbt

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses execute_sql to run database queries and jq to parse local dbt project artifacts (manifest.json and catalog.json). These operations are required for the tool to function as a bridge between natural language and dbt project data.
  • [PROMPT_INJECTION]: The skill processes dbt metadata files to discover model schemas, which presents a surface for indirect prompt injection if those project files contain malicious content.
      • Ingestion points: Reads schema and model definitions from target/manifest.json and target/catalog.json.
      • Boundary markers: Absent; the skill does not define specific delimiters for data ingested from the project artifacts.
      • Capability inventory: Includes the ability to execute SQL (execute_sql), run metrics queries (query_metrics), and display results (show).
      • Sanitization: There is no documented validation or escaping of the metadata content before it is used to construct or modify SQL queries.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 25, 2026, 04:37 PM