skill-sync

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell command execution through cmd /c on Windows, involving git, mise, and npx to manage the local environment and repository state.
  • [EXTERNAL_DOWNLOADS]: Fetches the skills package from the NPM registry using npx to facilitate skill management.
  • [REMOTE_CODE_EXECUTION]: Executes code from the skills package locally to update configurations across multiple agent platforms (e.g., Codex, Cursor, Windsurf).
  • [DATA_EXFILTRATION]: Performs git push operations to synchronize local skill code with a remote Git repository (defaulting to the origin remote).
  • [PROMPT_INJECTION]: The skill ingests repository data which may contain untrusted instructions, forming an indirect prompt injection surface.
      • Ingestion points: Processes files within the skills/ directory and the agents/openai.yaml configuration file.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content within the skill files being processed.
      • Capability inventory: The skill has access to shell execution, Git repository management, and remote package execution via npx.
      • Sanitization: No sanitization or validation logic is specified for the contents of the files being read or synchronized.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 07:38 AM