ckm-design

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill uses user-provided inputs such as brand names and industries to construct prompts for the Gemini AI. While these inputs are interpolated directly into templates without specific boundary markers, this is standard behavior for design-generation tools and does not constitute a malicious attempt to bypass safety guidelines. Instructions in SKILL.md encourage the agent to self-correct scripts, which is a common developer-mode pattern for autonomous agents.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and setup instructions specify dependencies on 'google-genai' and 'pillow', which are well-known and standard libraries for interacting with Google's AI models and performing image processing. These are fetched from official package registries.
  • [CREDENTIALS_UNSAFE]: Scripts in the 'scripts/' directory retrieve the 'GEMINI_API_KEY' from environment variables or local configuration files (e.g., ~/.claude/.env). This is the recommended practice for secure credential management on the platform and avoids hardcoding secrets within the code.
  • [COMMAND_EXECUTION]: Documentation mentions the use of 'chrome-devtools' and headless Chrome for capturing screenshots of generated HTML designs. The commands described use standard flags for automated rendering and do not involve execution of untrusted remote content.
  • [DATA_EXPOSURE]: The skill produces design assets (PNG, SVG, HTML) stored locally in the project directory. There is no evidence of sensitive data collection or unauthorized exfiltration of user files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 09:56 AM