The Agent Skills Directory

[PROMPT_INJECTION]: The instructions in SKILL.md and accompanying references provide structural and stylistic guidance for developers. While the text uses authoritative language and imperative commands (e.g., 'Core Principles', 'Always use imperative form'), these are directed at improving agent performance and do not attempt to bypass safety guardrails or override system-level instructions.
[COMMAND_EXECUTION]: The scripts/package_skill.py script uses subprocess.run to invoke a local validation script (quick_validate.py). This is a legitimate operation for a development toolchain. The execution is limited to known local paths and does not process arbitrary user input through a shell.
[EXTERNAL_DOWNLOADS]: The Python scripts specify pyyaml as a dependency in PEP 723 script blocks. pyyaml is a well-known, industry-standard library for YAML processing. No unauthorized or suspicious third-party downloads were detected.
[CREDENTIALS_UNSAFE]: A scan of all scripts and markdown files confirmed the absence of hardcoded API keys, secrets, or sensitive file paths.
[DATA_EXFILTRATION]: No network-capable commands or functions (such as curl, wget, or requests) are used within the provided scripts. The skill operates entirely on local file structures.

skill-creator