wechat-article-maker

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill frequently invokes system utilities and shell commands to manage platform-specific features. This includes using osascript on macOS, powershell.exe on Windows, and xdotool or ydotool on Linux to simulate user keystrokes for clipboard operations and browser control. It also executes npx and bun to run internal scripts for rendering and conversion.
  • [EXTERNAL_DOWNLOADS]: The skill fetches external assets from remote servers at runtime. Specifically, it downloads font files from GitHub and JSDelivr CDN mirrors to generate article covers and retrieves remote images defined in Markdown or HTML files for processing.
  • [REMOTE_CODE_EXECUTION]: The skill implements an automated dependency manager in scripts/ensure-deps.ts that dynamically installs required npm packages using npm install --no-save. It also dynamically loads and executes JavaScript modules for code syntax highlighting from a remote Aliyun OSS CDN and generates/executes temporary Swift scripts on macOS for clipboard management.
  • [PROMPT_INJECTION]: The skill ingests data from external URLs and search results using agent tools. This untrusted content is interpolated into HTML article templates during the generation phase, which creates an indirect prompt injection surface where malicious source data could attempt to influence the agent's behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 05:31 AM