The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/init_skill.py performs local file system operations to scaffold a new skill structure. This includes creating directories and writing template files (SKILL.md, example.py, etc.). It applies execution permissions (chmod 0o755) to the generated Python scripts, which is standard behavior for developer tools and is restricted to the newly created files.
[SAFE]: The validation logic in scripts/quick_validate.py uses yaml.safe_load(), which correctly prevents arbitrary code execution vulnerabilities during the parsing of skill metadata.
[SAFE]: The packaging script scripts/package_skill.py uses the standard Python zipfile module to archive skill contents. It operates strictly on the local file system within specified paths and does not perform network operations or access sensitive system directories.
[SAFE]: The instructional content in SKILL.md and the reference files focus on structural guidelines and design patterns. No prompt injection attempts or obfuscated commands were detected within the documentation or prose.

skill-creator