skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Several Python scripts in the skill utilize the subprocess module to execute system commands. Specifically, scripts/run_eval.py and scripts/improve_description.py invoke the claude CLI to run test evaluations and description optimizations. Additionally, eval-viewer/generate_review.py uses lsof to manage network ports for its local server. These operations are legitimate and necessary for the skill's developer-focused features.
  • [EXTERNAL_DOWNLOADS]: The eval-viewer/viewer.html file includes a script tag that fetches the SheetJS library (xlsx.full.min.js) from cdn.sheetjs.com. This is a well-known service used to provide spreadsheet rendering capabilities within the skill's evaluation viewer.
  • [DATA_EXPOSURE]: The evaluation viewer script (eval-viewer/generate_review.py) scans workspace directories to embed test outputs into a review report. The script contains explicit exclusions for sensitive metadata files such as transcripts and internal metrics to prevent unintended exposure of agent-internal data during the review process.
  • [PROMPT_INJECTION]: The SKILL.md file contains instructions for the agent to generate 'pushy' descriptions for new skills to ensure they are triggered correctly by the platform. These instructions are part of the intended logic for skill optimization and do not represent a malicious attempt to bypass safety filters or override core agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 05:07 PM