The Agent Skills Directory

Standard Skill Scaffolding: The skill provides a robust template for creating new Agent Skills, including mandatory YAML frontmatter and directory structures. This follows the established Agent Skills specification.
Security Best Practices Guidance: The references/anti-patterns.md file explicitly identifies and warns against several security risks, including:
Credential Safety: It advises against hardcoding credentials in scripts and recommends using environment variables or platform-specific secret management.
Input Validation: It highlights the risk of unvalidated inputs in shell commands and recommends sanitization or using file-based inputs to prevent command injection.
Safe Tool Usage: It establishes rules for PR interactions, such as prohibiting agents from automatically approving or blocking PRs, ensuring human oversight for critical actions.
Operational Resilience: The skill emphasizes 'fail-closed' error handling, meaning that unknown or failed API responses are not treated as successes. This prevents the agent from making decisions based on incomplete or incorrect data.
Testing and Validation: It introduces a detailed methodology for testing skills using multiple AI model families to identify edge cases and consensus findings, improving the overall reliability and safety of generated skills.
No Malicious Patterns Detected: The skill does not contain any prompt injections, obfuscation, unauthorized data access, or persistence mechanisms. All external links point to legitimate documentation for the Agent Skills specification and GitHub repository guidelines.

make-skill