data-engineering-core

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or behaviors were detected in the skill instructions or code templates. The skill is primarily educational and provides functional ETL patterns.
  • [COMMAND_EXECUTION]: The skill demonstrates SQL execution via DuckDB. It explicitly warns against SQL injection and provides examples of secure, parameterized queries for data handling.
  • [EXTERNAL_DOWNLOADS]: The skill mentions the installation of DuckDB extensions from official repositories, which is a standard library feature and considered safe.
  • [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection given its role in processing external data files. Mandatory Evidence Chain:
      1. Ingestion points: Files are ingested using pl.scan_csv and pl.scan_parquet in templates/complete_etl_pipeline.py and patterns/etl.md.
      2. Boundary markers: None are explicitly defined for raw data content.
      3. Capability inventory: The skill utilizes duckdb.sql for database operations and df.write_parquet for file system writes.
      4. Sanitization: The documentation includes specific sections on SQL injection prevention and the use of parameterized queries.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 03:19 PM