anygen-financial-research

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: All network requests are directed to the official vendor domain www.anygen.io via secure HTTPS connections. The skill uses allow_redirects=False as a defensive measure against redirection attacks.
  • [CREDENTIALS_UNSAFE]: The skill manages a vendor API key (ANYGEN_API_KEY) using a local configuration file with restricted filesystem permissions (chmod 600). The CLI tool includes logic to mask the key when displaying configuration settings.
  • [COMMAND_EXECUTION]: Python scripts are used to manage API communications and file transfers. Long-running tasks are monitored in the background using sessions_spawn with functional instruction sets that maintain task state without bypassing agent safety protocols.
  • [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by processing user-uploaded financial documents. Ingestion points: files are read and transmitted to the API in scripts/anygen.py. Boundary markers: prompt templates do not currently employ explicit delimiters for user-provided data. Capability inventory: the skill has permissions for network communication (requests) and file system write operations. Sanitization: instructions recommend summarizing document content before inclusion in the API request, which serves as a mitigation against malicious content embedded in reference files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 04:49 AM