core-dynamic-skills

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation from docs.rs, which is a well-known service for the Rust ecosystem. These downloads are used to generate reference material and instructions locally.
  • [COMMAND_EXECUTION]: Employs shell commands including mkdir and rm -rf to manage a dedicated local directory structure at ~/.claude/skills/. The destructive rm -rf command is strictly scoped to the skill's own data directory.
  • [DATA_EXFILTRATION]: Reads local Cargo.toml files to identify project dependencies. This data is processed locally to determine which documentation resources to fetch.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests untrusted text from an external source to generate agent instructions (SKILL.md). Evidence: (1) Ingestion point: SKILL.md fetching .docblock content via browser or WebFetch. (2) Boundary markers: No delimiters or ignore-instructions warnings are specified in the generation template. (3) Capability inventory: The skill performs file system writes and directory cleanup via shell commands. (4) Sanitization: No sanitization or validation of the fetched documentation content is mentioned before it is interpolated into the new skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 09:22 AM