The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill references a GitHub repository (tw93/kami) for installation and suggests downloading the weasyprint library from PyPI for PDF rendering.\n- [COMMAND_EXECUTION]: Includes shell commands for adding the skill via npx and performing document conversion using weasyprint and Node.js.\n- [REMOTE_CODE_EXECUTION]: The npx installation method downloads and executes the skill package from GitHub, which is an expected behavior for skill distribution on this platform.\n- [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection as it interpolates untrusted user data into HTML templates (e.g., in SKILL.md prompt patterns). While no boundary markers or explicit sanitization are present, the skill's capabilities are limited to static document generation, posing no immediate threat of privilege escalation or data exfiltration.

kami-document-design