skill-generator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The skill functions as a template engine that ingests user-provided goals and descriptions to write new SKILL.md files to the agent's internal configuration directory (~/.claude/skills/). This creates a surface where malicious user input could be used to generate a new skill with dangerous capabilities, and the process lacks explicit sanitization or boundary markers for the generated content.
- [Privilege Escalation] (LOW): Under the 'Common Issues' section, the skill instructs the agent to use 'chmod +x scripts/*.py' to fix script failures. This encourages the agent to grant execution permissions to files it has dynamically created, which could facilitate the execution of malicious logic if the script generation phase was compromised.
Audit Metadata