devtu-create-tool

Fail

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: HIGH
Flags: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill provides templates for creating tools that interact with external APIs (e.g., in templates/api_tool_template.py and templates/simple_tool_template.py). These tools represent a surface for indirect prompt injection where untrusted data from an API response could influence subsequent agent actions.
  • Ingestion points: API response data processed in run() methods of classes created via provided templates.
  • Boundary markers: None explicitly implemented in the provided code templates.
  • Capability inventory: The skill framework supports executing shell commands and scripts (e.g., validation scripts and tests mentioned in SKILL.md).
  • Sanitization: The templates focus on functional logic and do not provide explicit sanitization or filtering for external content.
  • [COMMAND_EXECUTION]: The skill contains numerous instructions for the agent to execute local CLI commands and scripts as part of the tool development workflow. Examples include running pytest for unit testing, py_compile for syntax checking, and framework-specific scripts like scripts/test_new_tools.py and scripts/check_tool_name_lengths.py for validation.
  • [EXTERNAL_DOWNLOADS]: A documentation example in SKILL.md (under Dependency Management) suggests using curl to fetch package metadata from PyPI and piping it to a Python snippet to count dependencies. While automated scanners flagged the curl | python3 pattern, the command uses a well-known technology service (pypi.org) and the Python code parses the downloaded JSON as data rather than executing it as a script.
Recommendations
  • HIGH: Downloads and executes remote code from https://pypi.org/pypi/PACKAGE/json. DO NOT USE without thorough review.
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 6, 2026, 07:44 AM