
portlang

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Flagged capabilities: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The framework allows the execution of arbitrary shell commands through the built-in bash tool, custom shell tools, and shell verifiers within a containerized workspace.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates downloading the portlang CLI tool from the vendor's official Homebrew tap and uses npx to fetch MCP servers from well-known organizations like @modelcontextprotocol.
  • [REMOTE_CODE_EXECUTION]: Custom Python tools can define third-party dependencies using PEP 723 metadata, which are automatically installed from official registries at runtime using the uv tool.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes untrusted data from tool outputs and files that are interpolated into agent prompts.
  • Ingestion points: Data provided via the --input flag, file contents in the workspace, and results from external tool calls are processed by the agent.
  • Boundary markers: The framework provides robust boundary controls, including file-system write patterns (allow_write), network access toggles, and token/cost ceilings.
  • Capability inventory: Includes shell access, file-system manipulation, and the ability to run arbitrary Python code with dependencies.
  • Sanitization: Relies on the defined boundaries and the agent's own logic; the skill does not specify any automated sanitization of external content before it is interpolated into prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 02:42 PM