image-skill-builder

Fail

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: HIGH
Threat categories: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: A hardcoded Google AI Studio API key was found in a template file used for skill generation.
      • File: references/skill-template.md
      • Evidence: The key AIzaSyDvvGGRbH4Os3Er0dYi0kE_AzE3_2b_Az8 is present in the API configuration (API 配置) section and in the example command line. This key is exposed and would be proliferated into every new skill created by this builder.
  • [COMMAND_EXECUTION]: The skill performs automated directory and file creation on the local filesystem.
      • File: SKILL.md
      • Evidence: Phase 5 instructions direct the agent to create a complex folder structure under skills/[skill-name]/ and write multiple files, including scripts and markdown files.
  • [COMMAND_EXECUTION]: The skill references and attempts to execute an external script not provided in the package.
      • File: SKILL.md
      • Evidence: Phase 5.6 instructs the agent to run quick_validate.py, which is missing from the provided skill files.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it interpolates unvalidated user input directly into the generated skill's instructions.
      • Ingestion points: User responses to Q&A in SKILL.md (e.g., scenario descriptions, custom styles).
      • Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands in the user-provided data.
      • Capability inventory: The generated skills have the capability to write files and execute the generate_image.py script.
      • Sanitization: Absent. User input is placed directly into the SKILL.md and style-guide.md templates without filtering.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 20, 2026, 12:29 PM