ljg-skill-map

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local bash script (scripts/scan.sh) to iterate through the ~/.claude/skills/ directory. It uses standard command-line utilities such as grep, sed, and tr to parse the YAML frontmatter of installed skills. This execution is limited to metadata extraction and is consistent with the skill's stated purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted metadata from other installed skills, creating a potential surface for indirect prompt injection if those skills contain malicious instructions in their descriptions.
    • Ingestion points: Reads SKILL.md files from subdirectories within ~/.claude/skills/.
    • Boundary markers: None present; metadata is extracted and directly rendered into an ASCII map for the user.
    • Capability inventory: The skill has read-only access to the local skills directory and uses basic shell utilities for string processing.
    • Sanitization: The script performs basic sanitization by truncating descriptions to 80 characters and escaping special characters for JSON output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 06:23 AM