skills/rjmurillo/ai-agents/skillforge/Gen Agent Trust Hub

skillforge

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a set of local Python scripts to manage the skill lifecycle, including discovery, triage, and packaging. These operations are confined to the agent's workspace (~/.claude/skills/) and include security-focused implementations, such as path traversal mitigation (CWE-22) in scripts/package_skill.py and input validation in scripts/init_skill.py.
  • [DATA_EXFILTRATION]: No network exfiltration or credential harvesting patterns were identified. The skill performs local file system operations to maintain a cache of installed skills for its recommendation engine.
  • [PROMPT_INJECTION]: The instructions provide a structured analytical framework (11 thinking models) for building high-quality skills. It does not contain patterns designed to override agent safety protocols or bypass instruction filters.
  • [SAFE]: The inclusion of scripts/check_docs_safety.py indicates a proactive approach to security; this script specifically audits documentation for unsafe shell interpolation patterns ($TOOL_INPUT) in command examples, ensuring that the generated skills follow safe handling practices.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 03:45 PM