aif-skill-generator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests permission for broad shell commands, specifically 'rm -rf *' for cleaning up skill packages and 'npx skills *' for package installation and management. These tools are necessary for the primary purpose of skill generation but represent a high-risk capability.
- [EXTERNAL_DOWNLOADS]: In 'Learn Mode', the skill fetches content from user-provided URLs via 'WebFetch'. It also performs searches on 'https://skills.sh' using 'scripts/search-skills.py' to retrieve existing skill data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing content from external documentation or skills from untrusted URLs.
  - Ingestion points: External data enters the system through the 'WebFetch' and 'WebSearch' tools.
  - Boundary markers: The skill provides 'Anti-Manipulation Rules' and explicit instructions to disregard claims of safety found within the scanned content.
  - Capability inventory: The skill has the ability to execute shell commands and modify the file system.
  - Sanitization: Risks are mitigated through a mandatory two-level scan involving an automated regex-based scanner (scripts/security-scan.py) and a manual semantic review by the agent.
Audit Metadata