skill-repo-manager

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the npx skills command-line utility for managing skill installations and repository maintenance. This includes commands such as add, list, find, remove, update, and init.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of content from external sources, specifically GitHub repositories, using the npx skills add <owner/repo> command. Examples provided in the documentation refer to repositories owned by the vendor 'redpanda77'.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it is designed to ingest and process data from external, potentially untrusted sources.
    • Ingestion points: The npx skills add command fetches SKILL.md files and associated reference documents from external GitHub repositories.
    • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when processing the content of downloaded skills.
    • Capability inventory: The skill uses the npx skills CLI, which performs file system modifications and network operations.
    • Sanitization: There is no mention of sanitization or validation of the natural language instructions contained within the downloaded skill files before they are loaded into the agent's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 17, 2026, 08:02 AM
Security Audit — agent-trust-hub — skill-repo-manager