The Agent Skills Directory

[PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface as it processes external content from URLs to guide image generation. The mandatory evidence chain is as follows: 1. Ingestion points: Research URLs are ingested in the 'Research the situation' workflow step and stored in the research_anchors JSON field. 2. Boundary markers: The skill uses a structured JSON prompt pipeline and a mandatory review_checklist to validate instructions before execution. 3. Capability inventory: The skill uses image generation tools and a local script for file management and browser previews. 4. Sanitization: External inputs are converted into a structured English JSON format and must pass a manual review check before being used in the final generation prompt.
[COMMAND_EXECUTION]: The skill includes a local script (archive-generated-images.mjs) for archiving assets and launching a browser preview. It uses spawnSync to execute system commands, with security controls such as slugification of user-provided topics to prevent command injection.

image-maker