The Agent Skills Directory

Unverifiable Dependencies (MEDIUM): The skill requires the installation of the agentic-flow npm package and the numpy Python package, neither of which are from the list of trusted organizations. It also references several production scripts in its documentation (such as quantize_vectors.py, cache_optimize.py, and batch_ops.py) that are missing from the provided file list, meaning their logic cannot be verified.
Dynamic Execution (LOW): The script resources/scripts/hnsw_tuning.sh generates TypeScript configuration and benchmark files at runtime. Although the script uses a strict whitelist (case statement) to validate input parameters for the dataset size, the generation and subsequent instruction to execute these files is a pattern that requires caution.
Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network communication patterns were detected in the provided files.
Privilege Escalation (SAFE): The documentation recommends chmod +x for the skill's own scripts to enable execution, which is considered a standard and expected setup procedure.

agentdb-performance-optimization