skills/abpai/skills/try/Gen Agent Trust Hub

try

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches a version configuration file (versions.json) from the author's official GitHub repository to check for updates.
  • [COMMAND_EXECUTION]: Executes various shell commands, such as git clone, npm install, and pip install, to prepare environments and install third-party libraries requested by the user.
  • [REMOTE_CODE_EXECUTION]: Instructs the agent to write and execute scripts locally that exercise the primitives of the target library. It also suggests running npx skills update try to update the skill itself, which involves downloading and executing remote code.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from untrusted external sources, such as GitHub repositories and package manifests, which may contain malicious instructions designed to influence the agent's behavior or output during the evaluation.
      • Ingestion points: Reads README.md, package.json, source code, and tests from cloned repositories in SKILL.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when reading external file content.
      • Capability inventory: The skill can execute shell commands, install packages, and run generated scripts (Phase 0, Phase 2, Phase 3 in SKILL.md).
      • Sanitization: No explicit sanitization or validation of the external repository content is performed before processing or script generation.
  • [DYNAMIC_EXECUTION]: Generates and executes local scripts (e.g., .ts, .py, .js) at runtime to demonstrate library primitives and compositions based on the content of the analyzed library.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 13, 2026, 04:21 PM