imaging-data-commons

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill programmatically manages its dependencies by using the subprocess module to install or upgrade the idc-index package from the public PyPI registry. This is used to ensure the execution environment matches the required version specified in the skill's metadata.
  • [COMMAND_EXECUTION]: The skill executes the pip3 command via subprocess.run to perform package management tasks. This behavior is restricted to the specific idc-index library required for the skill's operations.
  • [EXTERNAL_DOWNLOADS]: The skill is designed to fetch extensive medical datasets, including DICOM imaging files and clinical metadata, from the National Cancer Institute (NCI) Imaging Data Commons buckets on AWS S3 and Google Cloud Storage. These are well-known, public scientific data repositories.
  • [PROMPT_INJECTION]: The skill ingests metadata from external SQL databases and clinical tables, which presents a surface for indirect prompt injection.
      1. Ingestion points: SQL query results from the index table and clinical data from the clinical_index table as described in SKILL.md and clinical_data_guide.md.
      2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands were found in the provided patterns.
      3. Capability inventory: The skill can execute shell commands for package installation, write files to the local file system, and perform network downloads.
      4. Sanitization: No explicit validation or sanitization of the remote metadata strings is documented, with the skill relying on the integrity of the official NCI data source.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 07:09 AM