power-engineer

Fail

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates the modification of the agent's security configuration in .claude/settings.json. It specifically whitelists commands such as npx skills@latest* and mkdir -p .power-engineer to suppress per-command user approval prompts.
  • [COMMAND_EXECUTION]: It installs a persistent bash hook script at .claude/hooks/allow-skills-install.sh. This hook intercepts tool calls and automatically allows specific installation commands, which persists in the environment and bypasses standard safety protocols.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the immediate execution of remote code by running npx skills@latest add <repo> for a vast catalog of external skills. This occurs at runtime and involves many sources outside of established trusted organizations.
  • [EXTERNAL_DOWNLOADS]: The skill maintains and utilizes a catalog of over 200 external skills and plugins. While many repositories belong to known vendors, a substantial number are hosted by unverified third-party individuals on GitHub, posing a supply chain threat.
  • [COMMAND_EXECUTION]: The 'Scanner' and 'Drift Detector' modules execute a suite of bash commands (including find, grep, git log, and jq) to analyze the project codebase and track modifications over time.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 30, 2026, 04:21 AM