The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts/package_skill.py script uses subprocess.run to execute a local validation script (scripts/quick_validate.py) via the uv tool. This operation is used to ensure the skill follows required conventions before packaging and is not used for malicious command execution.
[DATA_EXPOSURE]: The skill's Python scripts perform file system operations such as directory creation, file reading, and file writing to manage skill content. These operations are scoped to the paths provided by the user and are consistent with the skill's purpose as a development scaffolding tool.
[EXTERNAL_DOWNLOADS]: The scripts declare a dependency on the well-known pyyaml library to facilitate parsing of skill metadata. No unexpected or untrusted external resources are fetched during execution.

skill-creator