arXiv:2605.19362v1 Announce Type: cross Abstract: Users often interpret and select agent skills through their \texttt{SKILL.md} specifications. To protect users, existing audits mainly focus on malicious or unsafe skills. We study the complementary question of whether specifications help users form bounded expectations about what a skill consumes, produces, and covers. Across 878 cybersecurity skills, we used rule-based coding to measure textual cues for four comprehension anchors, namely operational basis, output contract, boundary disclosure, and example capability demonstration. Cues for op
Source: arXiv cs.AI — read the full report at the original publisher.