skill-creator

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill provides a structured framework for creating modular AI agent skills, emphasizing context efficiency and security standards.
  • [COMMAND_EXECUTION]: The skill includes Python scripts (init_skill.py, package_skill.py) for automating the skill creation lifecycle.
      • scripts/init_skill.py: Initializes a skill directory with templates. It sanitizes the skill name using regex re.sub(r"[^a-z0-9]+", "-", normalized) to prevent injection or path traversal via the name.
      • scripts/package_skill.py: Packages a skill folder into a .skill archive. It includes critical security controls: symlink rejection to prevent arbitrary file read attacks, and path escape validation using _is_within to ensure all packaged files are physically located within the skill's root directory.
      • scripts/quick_validate.py: Performs structural validation of skills and uses yaml.safe_load for secure metadata parsing.
  • [DATA_EXFILTRATION]: No network operations, hardcoded credentials, or exfiltration patterns were detected. File system operations are restricted to the local development environment and target skill directories.
  • [PROMPT_INJECTION]: The instructions in SKILL.md are educational and descriptive of the skill creation process, containing no attempts to override agent constraints or bypass safety guidelines.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 12:15 AM