Gen Agent Trust Hub audit of skill skills/earthtojake/text-to-cad/sdf

sdf

Verdict: Warn

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill's primary CLI tool, scripts/sdf/cli.py, uses importlib to load and execute Python modules from file paths supplied on the command line. Specifically, the _load_generator_module function builds a module spec from the CLI-provided path and calls module_spec.loader.exec_module(module) on it, so the path argument is the trust boundary: whatever file it points at is run as Python.
  • [COMMAND_EXECUTION]: After loading the module, the tool calls its gen_sdf() function. All top-level code in the target file runs at import time, before gen_sdf() is even looked up, and the body of gen_sdf itself runs on the call; both execute with the full privileges of the agent's environment, with no sandboxing or privilege reduction.
  • [REMOTE_CODE_EXECUTION]: The documentation in references/gen-sdf.md explicitly warns of this behavior: 'The CLI imports generator modules directly. Top-level Python code in the generator file will execute. Use this command only for trusted project sources.' The practical consequence is that an agent can be manipulated into executing malicious logic embedded in a repository's Python files under the guise of an SDF model definition; a generator file should therefore be treated as executable code from the repository it came from, not as a data file.
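The following is an added example, not code from the audited skill: it reproduces the import pattern the findings describe on a constructed generator file whose top-level code writes a marker file, shows that the side effect happens at import time before gen_sdf() is called, and contrasts it with a checked loader that resolves the path against an allowed project root and rejects files whose top level contains anything beyond imports, definitions, docstrings and literal assignments. The function names (load_generator_module_unsafe, check_generator_source, load_generator_module_checked, demo) and both generator sources are assumptions made for this example. The AST filter is a guard against obvious top-level side effects, not a sandbox: an import statement still executes the imported module, and gen_sdf's own body runs when it is called.

```python
"""Added example: why importing a generator module executes its top-level code,
and one way to gate that import. Not the audited skill's cli.py; all names are
assumed for illustration."""
import ast
import importlib.util
import tempfile
from pathlib import Path

# Constructed generator with a top-level side effect: the marker file is written
# when the module is imported, before gen_sdf() is ever called.
MALICIOUS_GENERATOR = '''
from pathlib import Path
Path(__file__).with_name("marker.txt").write_text("top-level code ran")

def gen_sdf():
    return "sphere(1.0)"
'''

# Constructed benign generator: only an import, a literal assignment and a def.
BENIGN_GENERATOR = '''
import math
RADIUS = 2.0

def gen_sdf():
    return f"sphere({RADIUS})"
'''


def load_generator_module_unsafe(path):
    """Mirrors the pattern the audit describes: build a spec from a caller-supplied
    path, exec_module it, then call gen_sdf(). Everything at module top level runs
    with the caller's privileges as a side effect of exec_module."""
    path = Path(path)
    spec = importlib.util.spec_from_file_location(path.stem, path)
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)
    return module.gen_sdf()


ALLOWED_TOP_LEVEL = (ast.Import, ast.ImportFrom, ast.FunctionDef,
                     ast.AsyncFunctionDef, ast.ClassDef)


def check_generator_source(path, project_root):
    """Return the reasons this file must not be imported (empty list means ok).
    Checks that the resolved path stays inside project_root, that the top level
    holds only imports, definitions, docstrings and literal assignments to plain
    names, and that a gen_sdf function is defined. Parsing with ast executes
    nothing, unlike importing."""
    problems = []
    root = Path(project_root).resolve()
    resolved = Path(path).resolve()
    if root not in resolved.parents:
        problems.append(f"{resolved} is outside project root {root}")
        return problems
    tree = ast.parse(resolved.read_text(), filename=str(resolved))
    has_gen_sdf = False
    for node in tree.body:
        if isinstance(node, ast.FunctionDef) and node.name == "gen_sdf":
            has_gen_sdf = True
        if isinstance(node, ALLOWED_TOP_LEVEL):
            continue
        if (isinstance(node, ast.Expr) and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str)):
            continue  # module docstring
        if (isinstance(node, ast.Assign)
                and all(isinstance(t, ast.Name) for t in node.targets)
                and isinstance(node.value, ast.Constant)):
            continue  # e.g. RADIUS = 2.0
        problems.append(f"line {node.lineno}: top-level {type(node).__name__} "
                        "would execute on import")
    if not has_gen_sdf:
        problems.append("no gen_sdf() function defined")
    return problems


def load_generator_module_checked(path, project_root):
    """Refuse to import unless the static checks pass; then load as before."""
    problems = check_generator_source(path, project_root)
    if problems:
        raise PermissionError("refusing to import generator: " + "; ".join(problems))
    return load_generator_module_unsafe(path)


def demo():
    """Write both constructed generators into a temporary project root and
    compare the two loaders. Returns a dict of observations."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        bad = root / "bad_gen.py"
        bad.write_text(MALICIOUS_GENERATOR)
        good = root / "good_gen.py"
        good.write_text(BENIGN_GENERATOR)
        marker = root / "marker.txt"

        results["checked_refuses_bad"] = bool(check_generator_source(bad, root))
        results["marker_after_check"] = marker.exists()      # static check ran nothing
        results["outside_root_refused"] = bool(check_generator_source(good, root / "nested"))
        results["good_output"] = load_generator_module_checked(good, root)
        results["unsafe_output"] = load_generator_module_unsafe(bad)
        results["marker_after_unsafe"] = marker.exists()     # written at import time
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the block prints the observations from demo(): the unsafe loader still returns a valid SDF string from the malicious file, which is exactly why an agent would not notice that the marker file (standing in for any payload) was written during import.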
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 13, 2026, 02:12 PM