microsoft-agent-framework

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides examples (e.g., examples/02-tool-integration.py, examples/05-tool-integration.cs, and reference/04-tools-functions.md) that use eval() or DataTable.Compute() to evaluate mathematical expressions. eval() executes arbitrary Python, so an expression that arrives from the model or a user is arbitrary code execution, and both calls are risky patterns for untrusted input. The documentation explicitly labels them as such and recommends safer alternatives for production use.
  • [COMMAND_EXECUTION]: Documentation in reference/04-tools-functions.md describes how to implement tools that execute shell commands using subprocess.run(shell=True). The skill identifies this as a high-privilege capability and explicitly states it should require human approval and sandboxing.
  • [EXTERNAL_DOWNLOADS]: The skill refers to and fetches data from trusted domains and organizations, including official Microsoft documentation (Microsoft Learn), Microsoft's GitHub repositories, and technical articles on LinkedIn by verified experts. These references are used for documentation maintenance and development guidance.
  • [REMOTE_CODE_EXECUTION]: The skill includes instructions for installing the Microsoft Agent Framework via standard package managers (pip install agent-framework --pre and dotnet add package Microsoft.Agents.AI --prerelease). While this involves downloading external code, it points to the official distribution channels for the documented framework.
  • [PROMPT_INJECTION]: The skill defines an architecture for agents that process untrusted data (user messages) and have access to powerful tools (file system, command execution). This creates a surface for Indirect Prompt Injection. The documentation acknowledges this risk and provides mitigation strategies, including middleware filtering, structured outputs, and human-in-the-loop checkpoints.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 11:35 PM