generate-openenv-env

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides instructions and code templates for building OpenEnv servers. It correctly references official and trusted resources from the Meta-Pytorch organization, including Docker base images (ghcr.io/meta-pytorch/openenv-base) and the openenv-core library.
  • [SAFE]: The documentation in architecture.md recommends security best practices for secret management, explicitly advising the use of platform-native secret storage for API keys rather than embedding them in environment variables.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The generated OpenEnv variant exposes an MCP (Model Context Protocol) interface where tool inputs are derived from external LLM prompts. While this is an inherent part of the framework's functionality, it represents an attack surface.
  • Ingestion points: Tool arguments in the call_tool function defined in SKILL.md.
  • Boundary markers: The template does not include explicit natural language delimiters for data isolation, though it uses Pydantic for structural validation.
  • Capability inventory: The scaffold supports execution within E2B sandboxes or Docker containers, which provides containment for potentially malicious tool execution.
  • Sanitization: The implementation relies on Pydantic models for type enforcement and validation of incoming tool arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 04:46 AM