dataset-finder-guide

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill facilitates data acquisition through official and well-known tools, including the Kaggle CLI and the Hugging Face hub library.
  • [SAFE]: External network communications are limited to established and reputable research infrastructure and technology services such as Google, Zenodo, and Hugging Face.
  • [SAFE]: Implementation examples include security best practices, such as SHA-256 hash verification, to ensure the integrity of downloaded research data.
  • [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection due to the ingestion of external dataset metadata.
    • Ingestion points: Data enters the agent context via search results from the Zenodo API (response.json()) and the Hugging Face Hub API.
    • Boundary markers: Explicit delimiters or warnings to ignore instructions within the ingested metadata are absent in the provided snippets.
    • Capability inventory: The skill uses file writing (path.write_bytes), Kaggle CLI commands, and archive extraction (unzip).
    • Sanitization: No validation or sanitization is performed on the retrieved metadata before it is processed or displayed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:16 PM