image-skill-builder

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill functions as a design-time assistant, guiding users through an interview process to generate a new skill structure. No malicious patterns or deceptive instructions were identified.
  • [EXTERNAL_DOWNLOADS]: The image generation script (scripts/generate_image.py) communicates with generativelanguage.googleapis.com, which is the official and well-known endpoint for the Google Gemini API. This is a legitimate and safe use of an external service.
  • [CREDENTIALS_UNSAFE]: The skill follows security best practices for credential management. The image generation script retrieves its API key from environment variables or command-line arguments rather than hardcoding them. Templates use non-functional placeholders like REMOVED_GEMINI_KEY.
  • [COMMAND_EXECUTION]: The skill performs file system operations to create directories and write configuration files for the newly created skills. These operations are restricted to the skills/ directory and are essential for the skill's primary purpose of code generation.
  • [PROMPT_INJECTION]: The instructions are focused on structured data collection and templating. There are no attempts to bypass safety filters, override system behavior, or extract sensitive model information.
  • [DATA_EXFILTRATION]: No patterns of sensitive data access or exfiltration were detected. The skill does not access private files (like SSH keys or AWS credentials) and only transmits user-provided prompts to the specified Google API.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 06:31 AM