The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes the npx skills command to interact with the skills ecosystem and uses a local bash script scripts/scan_skill.sh to perform repository management and security scanning.
[EXTERNAL_DOWNLOADS]: The scan_skill.sh script utilizes git clone and curl to download third-party skill code into temporary directories for the purpose of security evaluation. All downloaded content is cleaned up after analysis.
[REMOTE_CODE_EXECUTION]: The skill uses uvx to dynamically download and execute the snyk-agent-scan package from Snyk. This is used as a legitimate security measure to audit the code of candidate skills before they are presented to the user.
[PROMPT_INJECTION]: The SKILL.md file contains various phrases associated with prompt injection and behavioral manipulation. Analysis indicates these are examples provided to the agent as part of a defensive checklist for auditing external content, rather than attempts to hijack the agent's behavior.
[DATA_EXFILTRATION]: While the skill reviews sensitive file paths (e.g., .env, .ssh/), it does so strictly as an auditor looking for risks in other skills. There are no patterns suggesting the skill itself accesses or transmits user credentials.

find-skills