pi-agent
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The Pi agent is designed to execute shell commands directly via the bash tool and special command prefixes (!command, !!command). This is the intended primary purpose of the coding harness and is documented with appropriate security warnings for the user.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the Pi CLI via a vendor-hosted script (https://pi.dev/install.sh) and managing ecosystem packages via npm or Git. All installation commands are presented with security best practices, such as the use of --ignore-scripts to prevent malicious lifecycle hooks.
- [REMOTE_CODE_EXECUTION]: The skill enables the use of TypeScript-based extensions and third-party packages which run with the user's full local permissions. The documentation includes a dedicated security reference (references/security.md) that defines the project trust boundary and advises on environment isolation for safety.
- [DATA_EXFILTRATION]: The tool includes capabilities for web searching and content fetching via the pi-web-access package. While this allows communication with external domains, the functionality is transparently documented and serves the agent's primary purpose of gathering technical information.
- [CREDENTIALS_UNSAFE]: The system manages API keys and authentication tokens in a centralized local file (~/.pi/agent/auth.json) with restricted permissions (0600). The skill also supports resolving secrets from environment variables or command-backed lookups (e.g., using the 1Password CLI), which is a recommended secure practice.
Audit Metadata