skill-creator

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/run_eval.py uses subprocess.Popen to execute the claude command-line tool. This is the primary mechanism used to test if a skill triggers correctly within the agent's environment.
  • [COMMAND_EXECUTION]: The eval-viewer/generate_review.py script executes the lsof system utility via subprocess.run to identify and manage processes using specific ports for the local server.
  • [EXTERNAL_DOWNLOADS]: The skill integrates with the Anthropic API using the anthropic library in scripts/run_loop.py and scripts/improve_description.py to facilitate the optimization of skill descriptions. Anthropic is a trusted organization.
  • [DATA_EXPOSURE]: The evaluation viewer script (eval-viewer/generate_review.py) reads local files from the defined workspace and embeds their content into an HTML report for user review. This is an intended functional behavior for visualizing skill outputs.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes untrusted user feedback and evaluation queries from feedback.json and evals.json. However, the risk is minimized as these files are typically managed by the developer, and the skill utilizes list-based subprocess calls to prevent command injection.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 02:37 PM