NYC

skill-coach

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION  COMMAND_EXECUTION  EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): The script scripts/test_activation.py ingests content from local skill definition files (SKILL.md) to evaluate activation triggers. This creates an indirect prompt injection surface where instructions in the analyzed file could attempt to influence the agent, although the script's logic is limited to regex-based extraction and does not execute the content.
  • [COMMAND_EXECUTION] (LOW): The skill provides local Python and Bash scripts (validate_skill.py, test_activation.py) for validation tasks. While these scripts are functionally safe and use standard libraries, they require execution in the user's environment.
  • [EXTERNAL_DOWNLOADS] (LOW): Example skill documentation (e.g., clip-aware-embeddings) suggests the installation of well-known machine learning libraries like transformers, torch, and numpy from the PyPI registry.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:50 PM