The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill is designed to fetch and install third-party code packages via the npx skills tool. It specifically references well-known technology organizations such as Vercel and Anthropic as trusted sources for these downloads.
[COMMAND_EXECUTION]: Uses the shell to execute package management commands, including searching (find), installing (add), and updating skills. It includes instructions to require user confirmation before performing installations.
[PROMPT_INJECTION]: Contains a surface for indirect prompt injection as it processes untrusted data from an external skill registry. * Ingestion points: External data from npx skills find and skills.sh search results enter the agent context. * Boundary markers: No explicit delimiters are used to wrap the external search results. * Capability inventory: The agent can execute shell commands and install software globally via the skills CLI. * Sanitization: Relies on manual AI verification of package popularity and source credibility rather than automated programmatic filtering.

find-skills