skill-creator

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to generate instructions and code for other agents. It processes user-supplied inputs (like skill names) and interpolates them into templates.
    • Ingestion points: Ingestion occurs in scripts/init_skill.py via command-line arguments for skill name and path.
    • Boundary markers: Boundary markers are absent in the generated skill templates, which use [TODO] placeholders.
    • Capability inventory: The skill possesses file system modification capabilities, including creating directories, writing files, and setting executable permissions.
    • Sanitization: The skill name input is not sanitized against malicious injection or formatting during the initial file creation process.
  • [COMMAND_EXECUTION]: The scripts/init_skill.py utility script is susceptible to a minor path traversal vulnerability.
    • Evidence: The script constructs file paths using Path(path).resolve() / skill_name without validating the skill_name argument for directory traversal sequences like "..". This could allow an agent to create files outside of the intended directory structure if instructed with a malicious name.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 11:03 PM