run-full-release

Fail

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The references/scaffolding-and-recovery.md file contains a script that searches for and modifies the git.js file within the @semantic-release/git package in global system paths such as /opt/homebrew/lib/node_modules and the global npm root. This involves using sed -i to patch external software files.
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions in references/scaffolding-and-recovery.md to install the mise tool by fetching and executing an installation script from its official domain (curl https://mise.run | sh).
  • [CREDENTIALS_UNSAFE]: The skill instructs the user to store sensitive tokens (PyPI, Crates.io) in the ~/.claude/.secrets/ directory and provides configuration templates to read from this path. It also includes an audit step that greps for credential patterns like GH_TOKEN or NPM_TOKEN in configuration files.
  • [PROMPT_INJECTION]: The SKILL.md file includes a 'Post-Execution Reflection' section that directs the agent to locate its own source files and edit them based on execution outcomes. Additionally, the scaffolding logic reads untrusted repository configuration files to generate new task code without sanitization or boundary markers.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to pypi.org and crates.io to verify package publication status.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 4, 2026, 09:52 AM