The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill downloads and references configuration files and guidelines from well-known trusted organizations including Cloudflare and Vercel Labs.
[COMMAND_EXECUTION]: The skill includes several Python scripts in the scripts/ directory for task automation such as packaging skills, running evaluations, and aggregating benchmark data. These scripts execute standard filesystem and subprocess operations consistent with the skill's stated purpose of skill development and testing.
[REMOTE_CODE_EXECUTION]: The run_eval.py script uses subprocess.Popen to invoke the claude CLI for testing skill triggering. This is a legitimate use case for a developer tool designed to test AI behaviors locally.
[DATA_EXPOSURE]: The skill reads and writes JSON and Markdown files within a user-defined workspace directory (e.g., <skill-name>-workspace/) to store test results, metadata, and user feedback. It does not access sensitive system paths or hardcoded credentials.
[PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety filters was found in SKILL.md or the reference documentation.

skill-creator-pro