skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (DATA_EXFILTRATION)
Full Analysis
- Data Exposure (LOW): The file DEPRECATED.md contains a hardcoded local absolute path (/Users/erichowens/.claude/skills/skill-architect/), which exposes the username and directory structure of the developer's machine.
- Indirect Prompt Injection (LOW): The validation and packaging scripts ingest untrusted data (files in a directory). While they implement basic sanitization via regex in scripts/quick_validate.py, they lack robust boundary markers. However, the capabilities are limited to ZIP creation, posing minimal risk.
  1. Ingestion points: scripts/package_skill.py (rglob walk), scripts/quick_validate.py (SKILL.md read).
  2. Boundary markers: Absent.
  3. Capability inventory: zipfile write, pathlib read.
  4. Sanitization: Regex validation for name and description fields.