The Agent Skills Directory

[COMMAND_EXECUTION]: The initialization script (scripts/init-artifact.sh) attempts to install the pnpm package manager globally using npm install -g pnpm if it is not detected in the path. This constitutes a modification of the global environment and a privilege escalation vector in restricted agent execution environments.
[EXTERNAL_DOWNLOADS]: The skill dynamically downloads and installs a large quantity of external dependencies from the NPM registry, including the Vite build tool, Tailwind CSS, and over 40 UI component libraries from the Radix UI ecosystem.
[COMMAND_EXECUTION]: The skill uses scripts/init-artifact.sh and scripts/bundle-artifact.sh to perform extensive file system and configuration tasks, such as generating tailwind.config.js, creating .parcelrc, and using node -e to programmatically modify tsconfig.json files.
[REMOTE_CODE_EXECUTION]: The bundling process uses pnpm exec parcel and pnpm exec html-inline to execute binaries that were downloaded during the session, effectively running external code as local processes.
[PROMPT_INJECTION]: The SKILL.md file contains instructions regarding design guidelines to avoid 'AI slop,' which is a benign use of natural language to influence agent output rather than a malicious safety bypass.

web-artifacts-builder