arize-trace

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill identifies an attack surface where data retrieved from external LLM applications via the Arize platform could contain malicious instructions.
  • Ingestion points: Trace and span data downloaded using the 'ax spans export' and 'ax traces export' commands (SKILL.md).
  • Boundary markers: The instructions include an explicit 'untrusted content guardrail' that directs the agent to treat all exported data as raw text and never execute or interpret it as instructions.
  • Capability inventory: The skill executes shell commands using the ax CLI tool for profile configuration and data retrieval.
  • Sanitization: The skill relies on clear instructional constraints for the agent rather than automated data sanitization.
  • [EXTERNAL_DOWNLOADS]: The setup instructions provide standard procedures for installing the arize-ax-cli and certifi packages through official registries using tools like pip, uv, or pipx (references/ax-setup.md).
  • [COMMAND_EXECUTION]: The skill defines various workflows that utilize the ax command-line interface to interact with the Arize platform, including profile management, space discovery, and data export operations.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates secure credential handling by explicitly instructing the agent never to read .env files or search the filesystem for secrets, and instead guides the user to set the ARIZE_API_KEY environment variable (references/ax-profiles.md).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 15, 2026, 01:09 AM