skills/snailuu/skill/CreateCLI/Gen Agent Trust Hub

CreateCLI

Warn

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill generates TypeScript code from templates using user-provided parameters and executes the resulting file using ./{{CLI_NAME}}.ts after applying chmod +x in the CreateCli.md workflow.
  • [COMMAND_EXECUTION]: The skill uses system shell commands for its core operations, including curl for automated notifications, chmod for file permissions, and ls for locating files.
  • [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection with the following evidence:
      • Ingestion points: The skill is instructed to load behavioral overrides from PREFERENCES.md files located in the ~/.claude/skills/PAI/USER/SKILLCUSTOMIZATIONS/CreateCLI/ directory and processes user-provided tool requirements.
      • Boundary markers: None present; there are no instructions to isolate or ignore embedded commands in the untrusted data.
      • Capability inventory: The skill possesses capabilities for subprocess execution, filesystem access, and network communication.
      • Sanitization: No evidence of input validation or character escaping before data is used in scripts or instructions.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes bun add to install the commander package during the CLI tier upgrade workflow.
  • [DATA_EXFILTRATION]: A mandatory notification step uses curl to send workflow and action details to http://localhost:8888/notify on every skill activation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 23, 2026, 06:58 AM