create-skill

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the commands pnpm skills:check and pnpm skills:sync. These are identified as local project-specific scripts used for validating skill integrity and synchronizing them within the repository.
  • [PROMPT_INJECTION]: The skill enables the creation of new instructions from user input, which introduces a surface for indirect prompt injection.
      (1) Ingestion points: User-provided values for the skill name, description, and instructions are written directly to a new SKILL.md file.
      (2) Boundary markers: The generated file uses standard Markdown headers but does not include explicit security boundaries to encapsulate user-provided content.
      (3) Capability inventory: The skill has the capability to write files to the .agents/skills/ directory and execute local shell commands through the pnpm task runner.
      (4) Sanitization: While the skill name is validated to ensure it only contains lowercase letters, digits, and hyphens, the description and instructional content are not sanitized or filtered for potentially malicious prompt injection patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 02:46 AM