The Agent Skills Directory

[COMMAND_EXECUTION]: The skill documentation instructs the agent to execute local Python scripts (init_skill.py, package_skill.py) to manage the development lifecycle of other skills.\n- [COMMAND_EXECUTION]: The init_skill.py script uses chmod(0o755) to set executable permissions on a dynamically created template script (scripts/example.py). While functional, modifying permissions on dynamically generated files is a sensitive operation.\n- [COMMAND_EXECUTION]: SKILL.md contains instructions to perform a curl POST request to a local API (http://localhost:62610/api/v1/registry/import-local) for skill registration. This targets a local interface, which is whitelisted but represents a command execution surface.\n- [PROMPT_INJECTION]: The skill facilitates the creation of new skill templates, establishing a surface for indirect prompt injection. Mandatory Evidence Chain: \n
Ingestion points: User-provided skill names and descriptions are used to populate SKILL.md and template files in init_skill.py.\n
Boundary markers: The generated templates do not include delimiters or instructions to ignore embedded commands within user-provided content.\n
Capability inventory: The skill has file system write access and performs local network requests.\n
Sanitization: No sanitization or escaping is performed on the user input before it is interpolated into the generated skill templates.

skill-creator