The Agent Skills Directory

Unverifiable Dependencies (MEDIUM): The file references/pgroll-guide.md recommends installing the pgroll tool from xataio (via brew, go install, or docker). Since xataio is not among the trusted GitHub organizations or repositories, this constitutes an unverifiable external dependency.
Indirect Prompt Injection (MEDIUM): The migration templates in scripts/expand-contract-template.py and examples/zero-downtime-examples.md use f-strings to interpolate variables like TABLE_NAME and OLD_COLUMN directly into raw SQL queries (e.g., op.execute(f"... {TABLE_NAME} ...")). This creates a significant SQL injection surface if the agent handles untrusted input to generate these migration parameters. * Ingestion points: Variables TABLE_NAME, OLD_COLUMN, and NEW_COLUMN in scripts/expand-contract-template.py and examples/zero-downtime-examples.md. * Boundary markers: None present in templates. * Capability inventory: High-privilege database execution via op.execute() and db.execute() for schema modifications. * Sanitization: Absent; the templates use direct string concatenation/interpolation for schema identifiers.
Command Execution (LOW): The skill provides guides for executing high-privilege operations, including software installation and database schema changes (DROP, ALTER). While legitimate for its purpose, these capabilities represent a risk tier that should be strictly monitored.

zero-downtime-migration