paw-tools-setup
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs standard configuration tasks such as reading metadata from local files (assets/module.yaml) and writing project-specific configuration to designated YAML files. The overall logic is transparent and aligned with its stated purpose of module initialization.
- [DATA_EXFILTRATION]: The skill manages sensitive data by prompting the user for API keys (Pexels, fal.ai, and GitHub). It correctly identifies these as user-specific settings and instructs that they be stored in a separate file (config.user.yaml) which is intended to be gitignored, reducing the risk of accidental credential exposure.
- [COMMAND_EXECUTION]: The skill utilizes system commands like mkdir -p to establish the directory structure defined in the configuration. These commands are executed locally to set up the project environment as requested by the user.
- [PROMPT_INJECTION]: The skill features an attack surface for indirect prompt injection as it processes user-provided strings for configuration paths and language settings without explicit validation instructions.
  - Ingestion points: User input collected during the configuration phase for keys like presentation_output_folder (SKILL.md).
  - Boundary markers: Absent; user responses are mapped directly to configuration keys.
  - Capability inventory: File system write access for configuration files and directory creation via mkdir -p (SKILL.md).
  - Sanitization: The instructions do not specify any sanitization or validation for user-provided configuration values before they are written to files or used in shell commands.