The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/datasheet_page_selector.py utilizes subprocess.run to call pdfinfo and pdftotext for PDF metadata and text extraction. These calls are implemented using argument lists rather than shell strings, which prevents command injection vulnerabilities via PDF file paths.
[DATA_EXFILTRATION]: No network-related functions or external data transfer mechanisms were found. The skill operates entirely within the project's local filesystem to manage its extraction cache.
[PROMPT_INJECTION]: The skill's instructions in SKILL.md and reference guides focus solely on technical extraction logic and do not contain instructions aimed at overriding agent behavior or bypassing safety filters.
[CREDENTIALS_UNSAFE]: No hardcoded API keys, secrets, or attempts to access sensitive system directories (such as .ssh, .aws, or .env files) were identified in the source code or documentation.

datasheets