omni-to-databricks-metric-view

Fail

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill reads the Databricks configuration file located at ~/.databrickscfg. This file is a sensitive credential store that contains host addresses and authentication tokens used to authorize operations against Databricks workspaces.
  • [COMMAND_EXECUTION]: The skill performs several command-line operations to facilitate the conversion workflow:
      • Executes omni CLI commands to interact with the Omni platform and retrieve model metadata.
      • Invokes the databricks CLI and its associated APIs to manage SQL warehouses and execute view definitions.
      • Uses python3 for JSON serialization of SQL statements during deployment.
      • Generates and executes SQL logic dynamically by writing to temporary files.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection due to its processing of external model definitions:
      • Ingestion points: Fetches YAML files for topics, views, and relationships from Omni using omni models yaml-get.
      • Boundary markers: The skill does not use specific markers or instructions to isolate potentially untrusted metadata from its own logic.
      • Capability inventory: Possesses capabilities to perform network operations via the Databricks API and execute shell commands.
      • Sanitization: The skill interpolates user-provided metadata fields (such as labels, descriptions, and AI context from Omni) directly into the generated Metric View's display_name, comment, and SQL expressions without validation or sanitization. Malicious content within these fields could be used to manipulate the agent's behavior during the translation process.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 24, 2026, 11:14 PM