rl-env-from-description

Warn

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill generates Python scripts (shared logic, framework-specific servers, and rollout adapters) from user-provided descriptions and then executes those scripts as 'smoke tests' for validation.
  • [PROMPT_INJECTION]: The skill turns untrusted natural-language input into executable code, creating a surface for indirect prompt injection where a malicious description could lead to the synthesis of harmful logic.
    - Ingestion points: user-provided plain-English descriptions of environments in the interactive flow.
    - Boundary markers: none; the description is the direct input for code generation.
    - Capability inventory: the skill writes multiple files to the local file system and executes them during the rollout phase.
    - Sanitization: no evidence of validation or sanitization of user descriptions before they are used for code generation.
  • [EXTERNAL_DOWNLOADS]: The skill references and installs dependencies from external repositories, including NVIDIA's official GitHub repository for NeMo Gym and Meta's OpenEnv.
  • [CREDENTIALS_UNSAFE]: The skill instructions mention checking '.env' files for credentials such as 'OPENAI_API_KEY' and 'E2B_API_KEY' to facilitate rollout tests and external sandbox operations.
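The findings above combine two things a practitioner would want guarded: generated scripts are executed as smoke tests, and the skill reads API keys from '.env'. The following is an added example written for this page, not code from the audited rl-env-from-description skill or from the audit itself. It shows the guardrail that belongs in front of the smoke-test step: a static scan of the generated Python, a scrubbed environment so that OPENAI_API_KEY and E2B_API_KEY are not inherited by generated code, and execution in an isolated interpreter with a timeout. The function names, the deny-lists and the secret-name pattern are assumptions; so is the premise that, without such a wrapper, the generated script would run with the operator's full environment, which the audit implies but does not state.

```python
"""Added illustrative example for this audit page, not code from the audited
rl-env-from-description skill. Function names, deny-lists and the secret-name
pattern are assumptions made for the example."""
from __future__ import annotations

import ast
import os
import re
import subprocess
import sys
import tempfile

# Modules/calls a generated smoke test has no reason to use (assumed, not exhaustive).
SUSPICIOUS_MODULES = {"subprocess", "socket", "ctypes", "urllib", "requests", "shutil"}
SUSPICIOUS_CALLS = {"eval", "exec", "compile", "__import__", "os.system", "os.popen", "os.execv"}
# Variable names that look like credentials, e.g. OPENAI_API_KEY, E2B_API_KEY (assumed convention).
SECRET_NAME_PATTERN = re.compile(r"(API_KEY|SECRET|TOKEN|PASSWORD)$", re.IGNORECASE)


def _dotted_name(node: ast.AST) -> str:
    """'os.system' for a Name/Attribute chain, '' for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def scan_generated_script(source: str) -> list[str]:
    """Static pre-execution scan; empty list means nothing flagged.
    Unparseable code is itself a finding and must not reach the smoke test."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"syntax error at line {exc.lineno}: {exc.msg}"]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        else:
            names = []
        for name in names:
            root = name.split(".")[0]
            if root in SUSPICIOUS_MODULES:
                findings.append(f"line {node.lineno}: imports {root}")
        if isinstance(node, ast.Call):
            target = _dotted_name(node.func)
            if target in SUSPICIOUS_CALLS:
                findings.append(f"line {node.lineno}: calls {target}")
            # Generated code reading a .env file is the credential path the audit flags.
            first = node.args[0] if node.args else None
            if target == "open" and isinstance(first, ast.Constant) and str(first.value).endswith(".env"):
                findings.append(f"line {node.lineno}: opens {first.value}")
    return findings


def scrubbed_env(env: dict[str, str] | None = None) -> dict[str, str]:
    """Environment copy without credential-looking variables (nothing like OPENAI_API_KEY is inherited)."""
    source = os.environ if env is None else env
    return {k: v for k, v in source.items() if not SECRET_NAME_PATTERN.search(k)}


def run_smoke_test(script_source: str, timeout: float = 30.0) -> tuple[bool, str]:
    """Scan, then run the script in a fresh isolated interpreter (python -I) in a
    throwaway directory with a scrubbed environment and a timeout. Returns (ok, detail)."""
    findings = scan_generated_script(script_source)
    if findings:
        return False, "blocked by scan: " + "; ".join(findings)
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "smoke_test.py")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(script_source)
        try:
            proc = subprocess.run([sys.executable, "-I", path], cwd=workdir, env=scrubbed_env(),
                                  capture_output=True, text=True, timeout=timeout, check=False)
        except subprocess.TimeoutExpired:
            return False, f"timed out after {timeout}s"
    if proc.returncode != 0:
        return False, f"exit {proc.returncode}: {proc.stderr.strip()}"
    return True, proc.stdout.strip()


def secret_visible_to_smoke_test(var_name: str) -> bool:
    """Plant a canary in var_name, then ask a generated-style script whether it
    can see it. False means the environment scrub held."""
    saved = os.environ.get(var_name)
    os.environ[var_name] = "canary-not-for-generated-code"
    try:
        ok, out = run_smoke_test(f"import os\nprint(os.environ.get({var_name!r}, 'absent'))\n")
    finally:
        if saved is None:
            del os.environ[var_name]
        else:
            os.environ[var_name] = saved
    return ok and out != "absent"
```

The static scan is a tripwire, not a sandbox: a description crafted to evade it can build module names from strings or reach the same capability through importlib, so the environment scrub and the isolated, time-limited process are the controls that actually hold, and for untrusted descriptions the script should run in a real sandbox (a container or the external sandbox the skill already targets) rather than on the operator's machine.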
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 7, 2026, 04:46 AM