The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The script scripts/fill_fillable_fields.py modifies the internal behavior of the pypdf library at runtime.
Evidence: The monkeypatch_pydpf_method function reassigns the DictionaryObject.get_inherited method to a local implementation to adjust how PDF form field attributes are retrieved.
[PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes content from untrusted external PDF documents.
Ingestion points: PDF files read and processed through the pypdf and pdfplumber libraries as described in SKILL.md and forms.md.
Boundary markers: None; the skill does not instruct the agent to use delimiters or ignore instructions found within the processed PDF content.
Capability inventory: The skill has the capability to read/write files and provides instructions for executing external command-line tools.
Sanitization: No sanitization or validation of the text extracted from PDF files is performed before processing.
[PROMPT_INJECTION]: There is a discrepancy in the metadata regarding the skill's authorship and licensing.
Evidence: The skill metadata identifies "Agilkannan" as the author, whereas the LICENSE.txt file attributes ownership to "Anthropic, PBC".
[COMMAND_EXECUTION]: The skill documentation provides instructions for the agent to execute various system-level command-line utilities.
Evidence: SKILL.md and reference.md contain commands for qpdf, pdftotext, pdftoppm, pdfimages, and the ImageMagick magick tool.

pdf