claude-api

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill content is restricted to documentation, implementation patterns, and configuration guidance for official Anthropic services.
  • [EXTERNAL_DOWNLOADS]: References official, well-known packages such as anthropic, @anthropic-ai/sdk, and claude-agent-sdk. These are documented neutrally as standard project dependencies from trusted organizations.
  • [CREDENTIALS_UNSAFE]: The documentation explicitly advises against hardcoding API keys and recommends using environment variables. It also includes warnings about storing sensitive data in persistent memory files.
  • [PROMPT_INJECTION]: The documentation describes the Agent SDK's ability to ingest untrusted data via tools like WebFetch and Read. While this represents an attack surface for indirect prompt injection, the skill describes the official system's built-in safety features, such as permission modes (default, plan) and the allowed_tools restriction system, to mitigate these risks.
  • [COMMAND_EXECUTION]: Provides examples for using built-in agentic tools like Bash and Edit. These are documented as core features of the Agent SDK, with instructions on how to use confirmation prompts and working directory constraints to maintain security.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 11:40 AM