data-engineering-storage-remote-access-integrations-duckdb

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill demonstrates processing data from untrusted external sources (S3, GCS, Azure) using read_parquet, read_csv, and delta_scan (SKILL.md). It possesses high-privilege capabilities including the ability to write data back to cloud storage via the COPY command and execute complex SQL logic. No sanitization, validation, or boundary markers are provided for the ingested data, making it vulnerable to malicious instructions embedded in remote files.
  • Credentials Unsafe (HIGH): The documentation includes multiple examples of hardcoding AWS access keys (AKIA...) and secret keys directly in the source code via SET commands and os.environ assignments (SKILL.md).
  • External Downloads (MEDIUM): The skill uses INSTALL httpfs; and INSTALL delta; to download and load binary extensions from the DuckDB repository at runtime. While the source is generally trusted, this constitutes the execution of unverified remote binaries (SKILL.md).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:47 AM