skills/jimmylv/bibigpt/find-skills/Gen Agent Trust Hub

find-skills

Warn

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the 'npx' utility to manage agent skills.
      • Evidence: Commands like npx skills find [query], npx skills add <package>, npx skills check, and npx skills update are documented for the agent to use.
  • [REMOTE_CODE_EXECUTION]: The skill's primary function is the installation of external code from remote repositories, which is then executed within the agent's environment.
      • Evidence: The instruction npx skills add <owner/repo@skill> -g -y allows for the global installation of code from GitHub. The use of the -y flag specifically skips confirmation prompts, enabling the silent installation of potentially untrusted third-party code.
  • [EXTERNAL_DOWNLOADS]: The skill fetches package metadata and executable code from external network sources.
      • Evidence: Interactions with https://skills.sh/ for discovery and various GitHub repositories for package acquisition.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted data from an external registry.
      • Ingestion points: The output of npx skills find [query] (metadata from the skills.sh registry) is read into the agent context in SKILL.md.
      • Boundary markers: No delimiters or safety instructions are provided to the agent to ignore instructions embedded in package descriptions.
      • Capability inventory: The skill has the capability to write files and execute commands via npx skills add documented in SKILL.md.
      • Sanitization: No sanitization or validation of the external registry output is performed before presentation or processing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 1, 2026, 05:27 AM