anygen-storybook
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill uploads user-provided prompts and reference files (via the upload command) to the vendor's domain at www.anygen.io for processing. This is consistent with the skill's stated purpose for server-side generation.
- [EXTERNAL_DOWNLOADS]: Downloads generated content, including storybook files and preview thumbnails, from the anygen.io platform to the local workspace.
- [COMMAND_EXECUTION]: Executes local Python scripts (scripts/anygen.py) to interact with APIs and manage configuration. It also leverages background subagents via sessions_spawn to poll for task completion and send notifications through well-known services like Feishu.
- [CREDENTIALS_UNSAFE]: Manages the ANYGEN_API_KEY by storing it in a configuration file at ~/.config/anygen/config.json. The implementation utilizes defensive coding by setting file permissions to 600 to restrict access.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests and processes untrusted data from user-uploaded files.
  - Ingestion points: User files such as PDFs or images are read and their summaries are sent to the preparation API.
  - Boundary markers: The instructions lack explicit delimiters or instructions to ignore potential commands embedded within the text extracted from reference files.
  - Capability inventory: The skill has the ability to perform network requests, write to the local filesystem, and spawn background sessions with subagent prompts.
  - Sanitization: There is no evidence of sanitization or filtering of the content extracted from reference files before it is used to influence the generation process.