creating-linksoft-skills

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill acts as a template for generating new AI agent skills based on user input, which presents a surface for indirect prompt injection (Category 8).
      • Ingestion points: SKILL.md (Workflow Step 1) accepts user-provided runbooks, internal documentation, and task descriptions to define skill logic.
      • Boundary markers: Absent. The skill does not define delimiters or explicit instructions for the agent to ignore potentially malicious nested commands within user data.
      • Capability inventory: The agent is empowered to write files and execute shell commands or scripts as part of the skill creation and validation process.
      • Sanitization: Absent. No specific validation or sanitization rules are provided for the user-supplied content before it is incorporated into the generated instructions.
  • [EXTERNAL_DOWNLOADS]: The skill describes using npx for tool execution (e.g., npx prettier@3.4.2 and npx skills). These commands download packages from the official NPM registry, which is a well-known and trusted service for development workflows.
  • [COMMAND_EXECUTION]: The instructions direct the agent to run local scripts and shell commands for validation, such as python3 scripts/validate.py and npx skills add. These actions are within the intended scope of the skill's purpose as a developer tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 17, 2026, 04:06 AM