kairos-create-skill

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the skills-ref validate CLI tool to verify the structure of the created skill directory. This is a standard linting procedure within the Agent Skills ecosystem.
  • [EXTERNAL_DOWNLOADS]: The skill directs the agent to fetch the Agent Skills specification from agentskills.io and references the agentskills/agentskills GitHub repository for validation tools. These sources are considered well-known and authoritative for the skill's purpose.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes the KAIROS MCP tools (kairos_search, kairos_begin, kairos_next) to retrieve and follow instructions from a remote protocol chain. This dynamic execution of multi-step protocols is the core functionality of the KAIROS system.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes external data and user input to generate skill instructions.
      • Ingestion points: User-provided requirements for skill creation and external specifications retrieved via Context7 and the agentskills.io domain.
      • Boundary markers: The skill uses markdown headers and structured JSON challenge blocks to separate instruction segments, though it lacks explicit warnings to ignore embedded instructions in the ingested data.
      • Capability inventory: The skill has the ability to write to the local filesystem (creating skill files), execute shell commands (skills-ref), and perform network-based tool calls via the KAIROS MCP server.
      • Sanitization: There is no evidence of sanitization, filtering, or escaping of user-provided content before it is interpolated into the generated SKILL.md or protocol files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 07:44 AM