The Agent Skills Directory

[SAFE]: The skill implements robust credential management by explicitly prohibiting the embedding of API keys or secrets in code, instead directing users to leverage environment variables and the official Arize CLI (ax) for secure configuration.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) as it parses untrusted local files to determine configuration steps.
Ingestion points: Phase 1 involves reading dependency manifests such as package.json, pyproject.toml, requirements.txt, and pom.xml, as well as scanning source code imports.
Boundary markers: The instructions do not specify any delimiters or warnings to ignore malicious content embedded within these manifests.
Capability inventory: The skill is capable of executing shell commands for package installation (pip, npm, pnpm, yarn, maven, gradle) and running the ax CLI tool, as well as writing new instrumentation modules to the filesystem.
Sanitization: No validation or sanitization of the data retrieved from the manifests is performed before using it to drive implementation logic.
[COMMAND_EXECUTION]: The skill utilizes common package managers and the ax CLI to manage instrumentation dependencies and verify environment configuration.
[EXTERNAL_DOWNLOADS]: Fetches documentation and implementation guides from Arize's official domain (arize.com). Arize is a well-known observability service provider.

arize-instrumentation