The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The file references/streamlit-advanced.md demonstrates model loading using pickle.load(), which is vulnerable to arbitrary code execution if the source file is malicious.
[REMOTE_CODE_EXECUTION]: The skill has an attack surface for indirect prompt injection. 1. Ingestion points: Reads external data files (e.g., data.parquet) for profiling in SKILL.md. 2. Boundary markers: None; external data is processed directly without isolation or instructions to ignore embedded prompts. 3. Capability inventory: The skill permits file writing (chart.save), software installation (pip), and network server hosting (Dash/Bokeh). 4. Sanitization: No content validation or sanitization is performed on ingested data.
[COMMAND_EXECUTION]: The documentation references multiple command-line operations, including pip install for various utilities (nbval, voila, streamlit-aggrid), and tools for notebook execution and conversion (nbval, voila, nbconvert, quarto).
[EXTERNAL_DOWNLOADS]: The skill uses sentence-transformers which downloads pre-trained models from Hugging Face and suggests installing several third-party packages from PyPI.
[DATA_EXFILTRATION]: Implementation examples for mlflow and wandb involve transmitting parameters, metrics, and artifacts to remote tracking servers, which is typical for these services.

data-science-eda