snowflake-platform

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The snowflake-deploy companion agent utilizes Bash and Read tools to execute deployment-related commands such as snow app run and snow app version create. It also reads local project configuration files like snowflake.yml and manifest.yml. These actions are within the scope of its defined purpose for managing Snowflake applications (evidence in agents/snowflake-deploy.md).
  • [EXTERNAL_DOWNLOADS]: The skill references the installation of the official snowflake-cli package via pip, as seen in SKILL.md and references/snow-cli-commands.md. This targets a well-known service and is standard practice for this development environment.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface. The snowflake-deploy agent processes untrusted data from local project files, specifically manifest.yml and setup_script.sql, which influence deployment status reporting and workflow. The implementation lacks explicit boundary markers or sanitization logic to mitigate the risk of malicious instructions embedded in these files (evidence in agents/snowflake-deploy.md).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 03:50 AM