state-management-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The provided code templates for atomic writes and file locking follow industry best practices for ensuring data integrity and preventing corruption. No malicious patterns, unauthorized network access, or credential exposure were detected.
  • [DYNAMIC_EXECUTION]: Implements a project-relative discovery mechanism in SKILL.md that dynamically adjusts sys.path to import local vendor libraries. This is a standard utility for tool discovery within the vendor's ecosystem and does not load code from untrusted external sources.
  • [INDIRECT_PROMPT_INJECTION]: The AgentTracker integration identifies an ingestion point for task messages and tool usage metadata. While this represents an attack surface, the capability is limited to logging and persistence.
      • Ingestion points: SKILL.md (AgentTracker.save_agent_checkpoint message parameter).
      • Boundary markers: Absent.
      • Capability inventory: Local file system operations (json.dump, os.replace, Path.unlink) and file locking (fcntl.flock).
      • Sanitization: Absent; the pattern persists metadata directly to state files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 06:57 PM