The Agent Skills Directory

Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill fetches a GraphQL schema from https://api.cartridge.gg/query to drive the pnpm codegen process. While the command itself is local, the logic of the generated code is dictated by an external, non-whitelisted source.
Indirect Prompt Injection (MEDIUM):
Ingestion points: External GraphQL schema URL specified in the Configuration section of SKILL.md.
Boundary markers: Absent. There are no instructions to validate the schema or verify the integrity of the remote source before processing.
Capability inventory: The skill writes generated code to packages/keychain/src/utils/api/graphql.ts and triggers code execution via pnpm test.
Sanitization: None. The skill assumes the remote schema is safe. An attacker controlling the API endpoint could potentially inject malicious metadata or definitions that exploit the code generator or the resulting application environment.
Command Execution (LOW): The skill utilizes pnpm to run filtered commands and tests. These are standard development operations but facilitate the execution of the dynamically generated content.
Dynamic Execution (LOW): The skill's primary purpose is 'Script generation' (Category 10), as it creates TypeScript files at runtime based on external definitions. The resulting code is then integrated into the project's execution path.

codegen