The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified in the skill.
[COMMAND_EXECUTION]: The skill refers to local repository scripts such as scripts/check-skill-metadata.py and scripts/test-a-skill.sh for validating the generated draft. These are standard developer tools and do not involve remote code execution.
[DATA_EXPOSURE]: No sensitive file paths or credentials were found. The skill operates on local repository contents intended for skill development.
[PROMPT_INJECTION]: The skill utilizes a guided conversation flow and accepts raw content as input. While this creates a potential surface for indirect prompt injection, it is the intended functionality of a creation tool, and the process concludes with a user review and manual validation step.

pm-skill-creator