anthropic-cybersecurity-skills
Fail
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill defines a function `execute_skill_script` that uses `subprocess.run` to execute Python scripts found in subdirectories (`skills/{skill_name}/scripts/`). This allows for the execution of code that is not part of the core skill logic and is instead fetched from external sources.
- [EXTERNAL_DOWNLOADS]: Installation instructions direct users to fetch content via `git clone` or `npx` from an external GitHub repository (mukul975/Anthropic-Cybersecurity-Skills). This repository serves as the source for the scripts that the agent is then prompted to execute.
- [COMMAND_EXECUTION]: The skill provides logic for traversing the local file system (`os.listdir`) and reading file contents (`open().read()`) to facilitate the discovery and execution of third-party security tools.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted Markdown and YAML content from the `skills/` directory (ingestion point) without boundary markers. These extracted instructions directly influence the agent's actions, which include high-privilege capabilities such as file system access and subprocess execution (capability inventory). No sanitization is performed on the ingested content (sanitization absent).
Recommendations
- AI detected serious security threats
Audit Metadata