autoskill

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill requires access to the local screenpipe API (port 3030) to retrieve OCR and UI data. While this data is sensitive, the skill includes a robust redaction layer (scripts/redact.py) that scrubs emails, API keys (AWS, OpenAI, Anthropic, etc.), private keys, bearer tokens, and phone numbers before the data is summarized for the LLM. Additionally, it provides a recommended screenpipe configuration to exclude sensitive applications (password managers, banking) at the capture level.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the sentence-transformers library to perform local semantic matching of workflows against existing skills. This involves downloading a well-known, small embedding model (all-MiniLM-L6-v2) from Hugging Face on the first run. No other external code or binary downloads were detected.
  • [COMMAND_EXECUTION]: The skill uses shutil.move in scripts/promote.py to move user-approved skill drafts from a temporary directory into the main skill repository. This operation is explicitly triggered by the user via a CLI command after they have had the opportunity to review the generated content.
  • [PROMPT_INJECTION]: The skill generates instructions for other agent skills. There is a potential for indirect prompt injection if a malicious window title or OCR text were specifically crafted to influence the skill generator; the risk is mitigated by the fact that all output is written to a 'proposed' directory for manual user review and approval before being promoted to an active skill.
  • [REMOTE_CODE_EXECUTION]: No patterns of arbitrary remote code execution (e.g., curl | bash) were found. The skill communicates with LLM backends (Local LM Studio, Claude, or Foundry) via standard API calls using the httpx library.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 11:19 PM