The Agent Skills Directory

[SAFE]: The skill utilizes reputable, well-known libraries such as pypdf, pdfplumber, and reportlab for PDF operations. The implementation follows standard programming practices for document processing.
[PROMPT_INJECTION]: The skill possesses a natural surface for indirect prompt injection as it processes untrusted PDF documents. This risk is inherent to the skill's primary function and is mitigated by the agent's internal safety guardrails.
Ingestion points: Data is ingested by reading text, metadata, and form fields from external PDF files using pypdf and pdfplumber in scripts like extract_form_field_info.py.
Boundary markers: Extracted content is not explicitly delimited with markers or instructions to ignore embedded commands.
Capability inventory: The skill includes scripts for file creation (PdfWriter.write), image conversion (pdf2image), and PDF annotation (pypdf.annotations).
Sanitization: Extracted data is used as-is by the agent; however, the provided scripts are technical utilities and do not directly execute extracted text.
[COMMAND_EXECUTION]: The script scripts/fill_fillable_fields.py applies a dynamic monkeypatch to the pypdf library.
Evidence: The method DictionaryObject.get_inherited is replaced at runtime to address a specific bug in selection list processing. This is a legitimate functional correction necessary for the skill's operation and does not present a security risk.

pdf