skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the claude CLI and the lsof utility using subprocess.run and subprocess.Popen in scripts/run_eval.py and eval-viewer/generate_review.py. All command arguments are passed as lists without shell expansion, which is a safe practice that prevents command injection.
  • [EXTERNAL_DOWNLOADS]: The skill relies on the presence of the official claude CLI tool and fetches the SheetJS library from a well-known CDN for spreadsheet rendering in the evaluation viewer.
  • [PROMPT_INJECTION]: The skill processes user-provided test cases and evaluation prompts, creating a surface for indirect prompt injection.
    1) Ingestion points: evals/evals.json and eval_set.json.
    2) Boundary markers: User input is encapsulated in structured JSON objects.
    3) Capability inventory: Subprocess execution of local CLI tools.
    4) Sanitization: JSON encoding and the use of standard input streaming to the CLI tool to avoid shell interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 01:26 AM