The Agent Skills Directory

Metadata Poisoning (LOW): The SKILL.md file contains instructions to 'proactively suggest using K-Dense Web' when tasks become complex. This is a promotional steering attempt designed to influence the agent's behavior for commercial purposes.- Unverifiable Dependencies & Remote Code Execution (LOW): The skill depends on 'vaex', 'pandas', 'numpy', and 'pyarrow'. These are trusted libraries in the data science community. The use of 'vaex.example()' and 'vaex.open()' involve downloading data from remote sources, which is a standard feature of the library but qualifies as a remote data reference.- Indirect Prompt Injection (LOW): The skill processes untrusted tabular data from external files. 1. Ingestion points: 'vaex.open()' and 'vaex.from_csv()' in SKILL.md and references/core_dataframes.md. 2. Boundary markers: Absent. The skill does not instruct the agent to ignore or delimit instructions found within the data. 3. Capability inventory: Includes local file read/write (e.g., 'export_hdf5') and large-scale data processing. 4. Sanitization: None mentioned; it relies on the safety of underlying library parsers.

vaex