vercel-skill-cli-expert

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as an operational guide for the npx skills CLI utility. All instructions and references are focused on legitimate user tasks related to skill management and documentation.
  • [COMMAND_EXECUTION]: The documentation provides instructions for executing the npx skills tool to perform management tasks such as listing installed skills, checking for updates, and initializing new projects. These commands are standard for the tool's intended use and do not involve unauthorized system modifications or privilege escalation.
  • [EXTERNAL_DOWNLOADS]: The skill describes the use of the skills add command, which retrieves content from external Git repositories (e.g., GitHub, GitLab). This is the primary function of the documented management tool and is presented in a neutral, informational context.
  • [PROMPT_INJECTION]: The documented tool facilitates an indirect prompt injection surface as it installs and manages instruction sets (SKILL.md files) from third-party repositories that the agent eventually loads.
      1. Ingestion points: External Git repositories specified by the user via skills add (as described in references/commands.md).
      2. Boundary markers: The documentation does not specify boundary markers or delimiters for imported content.
      3. Capability inventory: The tool installs instructional files into agent-specific directories for runtime execution.
      4. Sanitization: No content sanitization or validation processes are described in the provided technical guides.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:21 PM