swagger2skill
Warn
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions in 'SKILL.md' (Step 6) direct the agent to run the dynamically generated script with 'python3 //scripts/cli_tool.py --help' to verify that generation succeeded. This executes freshly generated code as a routine step of the workflow.
- [COMMAND_EXECUTION]: 'scripts/skill_generator.py' (line 147) changes file permissions with 'filepath.chmod(0o755)' so that the generated 'cli_tool.py' is executable without any further user action.
- [EXTERNAL_DOWNLOADS]: The parser in 'scripts/openapi_parser.py' (line 46) uses 'urllib.request.urlopen' to fetch OpenAPI specifications from remote URLs supplied by the user during the workflow. 'urlopen' accepts any scheme and host it is given, so the fetched content is entirely under the control of whoever controls the URL.
- [REMOTE_CODE_EXECUTION]: The core workflow across 'SKILL.md' and 'scripts/skill_generator.py' generates Python code from an untrusted external input (the OpenAPI spec) and then executes that code. This pattern is exposed to indirect prompt injection: malicious text in the specification (for example in endpoint descriptions or summaries) could steer the agent into generating, and then executing, harmful code.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The generated 'cli_tool.py' template in 'scripts/skill_generator.py' and 'references/cli_tool_example.md' is designed to call APIs and reads authentication tokens from environment variables. That is standard practice, but users should confirm that the generated scripts never log, print or otherwise expose those credentials.
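The three findings above (unrestricted 'urlopen', untrusted spec text flowing into generated Python, and that Python being executed) can be checked before the generated file is ever made executable. The following is an added illustration written for this audit page, not code from the swagger2skill project; every name in it (check_spec_url, spec_url_allowed, read_capped, render_unsafe, render_safe, audit_generated_source, ALLOWED_IMPORTS, FAKE_DNS, EVIL_SUMMARY) is hypothetical, and the allowlist and size cap are assumptions. It shows a URL gate that refuses non-HTTPS schemes and non-public hosts, a size-capped read, the vulnerable "splice the spec summary into a docstring" pattern beside a safe rendering via repr(), and an AST audit of the generated source that flags process-spawning or code-evaluating calls.

```python
"""Hardening checks for a spec-to-CLI generator of the kind the audit describes.
Added illustration for this page, not swagger2skill's own code; all names are
hypothetical and the allowlist and size cap below are assumptions."""
import ast
import ipaddress
import keyword
import socket
from urllib.parse import urlparse

MAX_SPEC_BYTES = 5 * 1024 * 1024  # assumed cap on a fetched spec

# Assumed allowlist for a generated API client: argument parsing, JSON,
# env-var access and HTTP only. Anything else in generated code is suspicious.
ALLOWED_IMPORTS = {"argparse", "json", "os", "sys", "urllib.request", "urllib.parse"}
BANNED_NAMES = {"exec", "eval", "compile", "__import__"}
BANNED_ATTRS = {"system", "popen", "Popen", "run", "call", "check_output"}


def check_spec_url(url: str, resolver=socket.gethostbyname) -> str:
    """Refuse what a bare urlopen() would fetch without complaint: non-HTTPS
    schemes (file://, ftp://) and hosts that resolve to loopback, link-local
    or RFC 1918 space (SSRF against the agent's own network or cloud metadata).
    `resolver` is injectable so the check can be exercised offline."""
    parts = urlparse(url)
    if parts.scheme != "https":
        raise ValueError(f"refusing scheme {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")
    try:
        addr = ipaddress.ip_address(parts.hostname)  # literal IP, no DNS needed
    except ValueError:
        addr = ipaddress.ip_address(resolver(parts.hostname))
    if not addr.is_global:
        raise ValueError(f"{parts.hostname} resolves to non-public {addr}")
    return url


def spec_url_allowed(url: str, resolver=socket.gethostbyname) -> bool:
    """Boolean wrapper around check_spec_url for callers that prefer a verdict."""
    try:
        check_spec_url(url, resolver)
        return True
    except ValueError:
        return False


def read_capped(fp, limit: int = MAX_SPEC_BYTES) -> bytes:
    """Read at most `limit` bytes from a response object; a hostile server
    must not be able to exhaust the memory or disk of the agent host."""
    data = fp.read(limit + 1)
    if len(data) > limit:
        raise ValueError(f"spec exceeds {limit} bytes")
    return data


def render_unsafe(name: str, summary: str) -> str:
    """The vulnerable pattern: spec text spliced straight into Python source.
    A summary containing a closing triple quote becomes executable code."""
    return f'def {name}():\n    """{summary}"""\n    return None\n'


def render_safe(name: str, summary) -> str:
    """Same template, but the operation name must be a plain identifier and
    the summary goes through repr(), which always yields one string literal."""
    if not name.isidentifier() or keyword.iskeyword(name):
        raise ValueError(f"operationId {name!r} is not a safe identifier")
    return f"def {name}():\n    {str(summary)!r}\n    return None\n"


def audit_generated_source(source: str) -> list:
    """Parse generated code and list imports outside the allowlist and calls
    that spawn processes or evaluate code. Run this before chmod 0o755 or
    any 'python3 cli_tool.py --help' verification step."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name not in ALLOWED_IMPORTS:
                    findings.append(f"line {node.lineno}: import {alias.name}")
        elif isinstance(node, ast.ImportFrom):
            if node.module not in ALLOWED_IMPORTS:
                findings.append(f"line {node.lineno}: from {node.module} import ...")
        elif isinstance(node, ast.Call):
            fn = node.func
            if isinstance(fn, ast.Name) and fn.id in BANNED_NAMES:
                findings.append(f"line {node.lineno}: call to {fn.id}()")
            elif isinstance(fn, ast.Attribute) and fn.attr in BANNED_ATTRS:
                findings.append(f"line {node.lineno}: call to .{fn.attr}()")
    return findings


# Constructed sample inputs for offline use (not from any real spec or DNS).
def FAKE_DNS(host: str) -> str:
    return {"api.example.com": "93.184.216.34", "intranet.corp": "10.0.0.5"}[host]


EVIL_SUMMARY = 'List pets"""\n    import os; os.system("id")\n    """'
```

With the constructed EVIL_SUMMARY, render_unsafe() produces a function whose docstring closes early and whose next line is `import os; os.system("id")`, which audit_generated_source() reports; render_safe() emits the same text as a single string literal and the audit comes back empty. The URL gate rejects http://, file://, loopback, link-local and RFC 1918 targets, which is exactly the class of input a bare urlopen() on a user-supplied URL would accept.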
Audit Metadata