skills/legout/data-platform-agent-skills/data-engineering-storage-remote-access-libraries-obstore/Gen Agent Trust Hub
data-engineering-storage-remote-access-libraries-obstore
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill ingests data from untrusted remote sources and possesses the capability to modify storage. Ingestion points: obs.get, obs.get_async, obs.list (SKILL.md). Boundary markers: None. Capability inventory: obs.put, obs.delete, obs.rename, obs.copy (SKILL.md). Sanitization: None detected.
- Command Execution (HIGH): The LocalStore component allows the agent to read and write to the host file system, posing a risk of local data exposure or modification.
- Credentials Unsafe (LOW): Example code includes hardcoded credential placeholders (e.g., AKIA...) which may lead to unsafe practices by users.
- External Downloads (LOW): The skill requires installing the obstore package from PyPI.
Recommendations
- AI detected serious security threats