The Agent Skills Directory

[COMMAND_EXECUTION]: Potential SQL injection vulnerability detected in Template 3 (PgVectorStore.search). The implementation iterates through the filter_metadata dictionary and interpolates keys directly into the SQL query string using f"metadata->>'{key}' = ${len(params)}". This pattern is unsafe if dictionary keys are derived from external or untrusted sources, as it allows for structural manipulation of the SQL query.
[EXTERNAL_DOWNLOADS]: The skill utilizes several standard third-party libraries, including pinecone, qdrant-client, asyncpg, weaviate-client, and sentence-transformers. These are well-known packages in the machine learning and database ecosystem and are used here for their intended functionality. References to these packages are handled neutrally.
[SAFE]: The code templates correctly handle sensitive credentials, such as API keys and connection strings, by requiring them as initialization arguments rather than hardcoding secrets into the source code.

similarity-search-patterns