skills-management

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill includes a sanitize_name function in scripts/install_skill.py that strips null bytes, path separators, and leading dots from user-provided skill names. This prevents path traversal attacks that could attempt to write or delete files outside the intended skills directories.
  • [EXTERNAL_DOWNLOADS]: The skill leverages the npx skills utility to discover and install external skills from the open ecosystem. While this involves fetching third-party content, the skill provides a dedicated assessment guide in references/remote-skill-assessment.md that teaches the agent how to identify red flags like suspicious install counts, hidden ads, or unnecessary API requirements.
  • [COMMAND_EXECUTION]: The management scripts (copy, move, delete) are restricted to operating within defined agent-specific configuration paths (e.g., ~/.claude/skills/). The skill instructions explicitly mandate user confirmation via AskUserQuestion before performing any deletion, ensuring human oversight for powerful file system operations.
  • [SAFE]: The skill documentation proactively educates the agent and user on security best practices, such as the prohibition of XML tags in frontmatter to prevent prompt injection and the verification of repository owners for ecosystem skills.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 10:58 PM