skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/init_skill.py uses chmod(0o755) to set executable permissions on a newly created template script (scripts/example.py). This is a standard and expected operation for a tool designed to initialize development project structures.
  • [DATA_EXPOSURE]: The initialization and packaging scripts (scripts/init_skill.py and scripts/package_skill.py) perform file system operations, including creating directories, writing files, and generating zip archives. These actions are performed on user-specified paths as part of the skill's primary function.
  • [PROMPT_INJECTION]: The skill facilitates the creation of new skills by processing user-provided examples and requirements. This creates a surface for indirect prompt injection where untrusted user input could be written into generated instructions or scripts. However, the skill includes validation logic in scripts/quick_validate.py to check for basic formatting and naming conventions, and the process is intended for development purposes.
      • Ingestion points: User input defining skill names, descriptions, and functional examples (SKILL.md).
      • Boundary markers: None specific; instructions guide the agent to format output according to a specific template.
      • Capability inventory: File writing, directory creation, and permission modification (chmod) in scripts/init_skill.py; file reading and archive creation in scripts/package_skill.py.
      • Sanitization: scripts/quick_validate.py performs regex-based validation on skill names and checks descriptions for suspicious characters like angle brackets.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 06:53 PM