Prototype

Name/description (interactive HTML prototypes) aligns with the included script and commands (create, component, animate, link, preview, export). The only declared requirement is bash 4+, which is appropriate for a shell script-based tool.

SKILL.md tells the agent to run scripts/script.sh with explicit commands and options. The script generates and updates HTML/CSS/JS files and prints previews; it does not request reading unrelated system files or contacting external endpoints. Note: the script writes files to user-specified output paths and reads prototype input directories (for preview/export), so pointing it at sensitive system paths could overwrite or expose files — this is expected behavior for a file generator but worth caution.

No install specification is provided (instruction-only with a bundled script). Nothing is downloaded or written to disk beyond the included script when the skill is installed; execution happens when the agent runs the script. This is low-risk compared to remote installs.

The skill does not request environment variables, credentials, or config paths. The script does not appear to read secrets or external tokens, which fits the stated purpose.

always: false and no special persistence or modification of other skills or agent configuration are requested. The skill can be invoked by the model (normal default) but does not demand elevated or permanent privileges.