The Agent Skills Directory

[COMMAND_EXECUTION] (MEDIUM): The script 'sources/obra/render-graphs.js' extracts dot blocks from markdown and executes the 'dot' system command using execSync. Spawning shell processes with data derived from user-editable files like SKILL.md is a potential risk vector for command injection or exploitation of the underlying system utility.\n- [EXTERNAL_DOWNLOADS] (MEDIUM): The 'update-sources.sh' script performs network operations to download resources from various GitHub repositories and external domains. While some sources like 'anthropics' and 'pytorch' are trusted, others like 'EveryInc' and 'obra' are not on the verified list, which could allow for the introduction of unverified code into the skill tree.\n- [DATA_EXFILTRATION] (LOW): Guidance in 'sources/everyinc/references/api-security.md' describes patterns for accessing sensitive local filesystem paths such as '~/.claude/.env' to retrieve API credentials. Although designed to keep secrets out of conversation logs, facilitating access to local secret stores is a documented data exposure risk.

skill-authoring