developing-with-streamlit

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
[EXTERNAL_DOWNLOADS] [REMOTE_CODE_EXECUTION] [COMMAND_EXECUTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documents the installation of several community-maintained Python packages for extending Streamlit functionality, such as streamlit-aggrid, streamlit-folium, and pygwalker. It includes a 'Use with caution' advisory section recommending that developers verify the maintenance and popularity of these third-party components before adoption.
  • [REMOTE_CODE_EXECUTION]: In skills/using-streamlit-cli/SKILL.md, the documentation describes the streamlit run command's ability to execute scripts directly from a remote URL (e.g., GitHub). This is a native feature of the Streamlit CLI being documented for legitimate development use.
  • [COMMAND_EXECUTION]: The skill provides instructions for using the streamlit CLI and the uv package manager for environment setup and application execution. These are standard development workflows for the Streamlit framework.
  • [DATA_EXPOSURE]: The skill specifically addresses security in skills/connecting-streamlit-to-snowflake/SKILL.md by recommending the use of .streamlit/secrets.toml for credential management and providing instructions to ensure this file is added to .gitignore to prevent accidental exposure.
  • [PROMPT_INJECTION]: Documentation for building chat interfaces in skills/building-streamlit-chat-ui/SKILL.md describes standard patterns for handling user input in LLM-powered applications. While this creates a surface for indirect prompt injection, the skill itself is a template for UI construction and does not contain malicious instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 09:33 PM