skills/damusix/skills/htmx/Gen Agent Trust Hub

htmx

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The reference files point to well-known Content Delivery Networks (CDNs) such as cdn.jsdelivr.net and unpkg.com for loading the HTMX core library and its official extensions. These are established services for distributing front-end assets.
  • [DYNAMIC_EXECUTION]: The skill documents HTMX features that involve JavaScript evaluation, such as the hx-on attribute for inline scripts and the js: prefix for dynamic parameter values in hx-vals and hx-headers. These are standard functionalities of the framework, and the documentation includes clear instructions on how to restrict these capabilities for security (e.g., using htmx.config.allowEval = false or the hx-disable attribute).
  • [DATA_EXFILTRATION]: Examples throughout the reference files demonstrate how to include authentication tokens (e.g., Authorization headers) and CSRF tokens in AJAX requests. These examples use placeholders or standard JavaScript functions (like getToken()) and do not contain hardcoded credentials or malicious exfiltration patterns.
  • [INDIRECT_PROMPT_INJECTION]: The skill describes a system that ingests HTML fragments from a server (ingestion point: SKILL.md, references/swapping.md). It documents capabilities that could be exploited if malicious HTML is processed, such as script execution via HTMX attributes (capability: references/attributes.md). However, the skill explicitly provides sanitization and boundary instructions, such as mandatory server-side escaping of user content and the use of hx-disable to neutralize HTMX processing in untrusted DOM regions (sanitization: SKILL.md, references/gotchas.md).
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 03:49 AM