The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides a bash script intended for the agent to execute automatically to perform identifier conversion.
Evidence: Bash snippet in SKILL.md using curl, grep, and cut to process API responses and append results to the local config file.
[CREDENTIALS_UNSAFE]: The skill instructs the agent to collect and store high-privilege DingTalk application credentials in a persistent local file.
Evidence: SKILL.md specifies collecting DINGTALK_APP_KEY and DINGTALK_APP_SECRET and storing them in ~/.dingtalk-skills/config.
[EXTERNAL_DOWNLOADS]: The skill interacts with external APIs to retrieve access tokens and document data.
Evidence: Multiple references and instruction blocks targeting api.dingtalk.com and oapi.dingtalk.com (Well-known services).
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes document content from an external platform without explicit sanitization rules for the text blocks.
Ingestion points: Document content retrieved via GET /v1.0/doc/suites/documents/{docKey}/blocks in SKILL.md and references/api.md.
Boundary markers: None specified for the document content processing.
Capability inventory: Subprocess execution (bash script), file-system writes (~/.dingtalk-skills/config), and network operations (DingTalk API).
Sanitization: No specific escaping or validation mentioned for the content retrieved from DingTalk nodes.

dingtalk-document