Review checklist
How to review a SKILL.md file before installing it
A SKILL.md file can look like documentation, but it often teaches an agent how to run tools, read files, install packages, and move data. Review it like source code that may execute on your machine.
Start with the authority it asks for
List every tool, command, local path, environment variable, credential, and network endpoint the skill mentions. A skill that only formats text has a very different risk profile from one that launches shell commands or edits repositories.
Follow every referenced file
Review scripts, package files, templates, MCP configs, and remote URLs linked from the skill. Risk often hides outside the main Markdown file in install hooks, helper scripts, and downloaded payloads.
Look for data movement
Pay close attention to instructions that read broad folders, collect logs, inspect environment variables, call webhooks, upload archives, or paste local context into third-party services.
Require reproducible source metadata
Prefer skills pinned to a repository, path, and commit. A scanned commit makes later review possible and prevents a harmless-looking URL from silently changing under the same link.