skill-auto-improver

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's workflow involves reading and analyzing external skill files (SKILL.md and references), creating an untrusted data ingestion surface. It lacks explicit boundary markers or instructions to the agent to disregard embedded commands within the analyzed content, and does not implement sanitization or validation of the ingested content.
  • [COMMAND_EXECUTION]: The report generation process constructs filenames using variables (such as {skill-name}) extracted from the metadata of analyzed skills. This presents a potential risk of path traversal or file name manipulation if an analyzed skill's metadata is maliciously crafted to include characters such as '../' or shell-sensitive symbols.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 03:02 PM