The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes the simplicity-cli command to perform PDF operations. It includes instructions for installing the CLI tool if it's missing using uv or pip.
[EXTERNAL_DOWNLOADS]: The skill encourages downloading and installing the ai-pdf-filler package from external repositories (PyPI/uv) to enable its functionality. This package is associated with the skill's author.
[CREDENTIALS_UNSAFE]: The skill instructs users to provide an API key as a command-line argument (--api-key "<api_key>"). While using placeholders, this pattern can lead to sensitive keys being stored in shell history or process listings. It also mentions a local configuration file ~/.config/simplicity-cli/config.json for storing the key.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. * Ingestion points: External data enters the agent context via the --form-url, --source-url, --context, and --instructions parameters in SKILL.md. * Boundary markers: There are no explicit boundary markers or instructions to the LLM to ignore embedded commands within the source documents or context strings. * Capability inventory: The skill has the capability to execute shell commands (simplicity-cli) and perform network operations (fetching remote PDFs). * Sanitization: There is no evidence of sanitization or validation of the content provided in the context or fetched from URLs before it is processed by the CLI tool.

ai-pdf-filler-cli