skills/aalvaaro/skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to ingest and process untrusted data from multiple external sources.
      • Ingestion points: External research data fetched via SearchAPI and Social Toolkit MCP tools, library documentation via Context7, and any documents or specifications provided directly by the user (SKILL.md, Step 1B).
      • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the researched materials.
      • Capability inventory: The skill can write files to the local file system (Step 4), perform network operations via MCP tools (Step 1B), and use deployment tools like wrangler or npx (Step 6 and Conventions Reference).
      • Sanitization: No explicit sanitization or validation of the content retrieved from external sources is described before it is used to inform the skill's logic or file creation.
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to generate documentation (README updates) that includes commands for executing code from a remote registry. Specifically, it uses npx skills add AAlvAAro/skills@skill-name, which triggers the execution of packages from the NPM registry.
  • [COMMAND_EXECUTION]: The skill workflow involves the use of CLI tools for deployment and asset management, such as wrangler for Cloudflare Workers and the npx command for skill installation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 12:36 PM