context-optimization

Fail

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The PostToolUse hook in SKILL.md uses an unsafe shell command pattern that interpolates the $CLAUDE_TOOL_INPUT variable directly into an echo statement. If the platform performs string replacement or if the shell evaluates the variable content, an attacker could trigger arbitrary command execution by providing tool inputs containing shell metacharacters such as backticks or command substitution sequences.
  • [EXTERNAL_DOWNLOADS]: The modules/mecw-principles.md module references a non-standard Python package named leyline. This package is not an established industry tool and its source is not specified, posing a supply chain risk if the agent attempts to install or run code from it.
  • [REMOTE_CODE_EXECUTION]: Multiple modules, including modules/memory-tiers.md and modules/session-routing.md, reference and attempt to import logic from a local file at scripts/agent_memory.py. Since this script is not included in the provided file set, the skill's actual operational behavior is unverifiable and could lead to the execution of unvetted local code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 9, 2026, 07:38 AM